Add a helper function for extracting the least significant 32 bits from the
OPTEE entry point address, which will be good enough to load OPTEE binaries
up to (2^32)-1 bytes.
We may need to extend this out later on but for now (2^32)-1 should be
fine.
Signed-off-by: Bryan O'Donoghu
CONFIG_OPTEE_LOAD_ADDR appear in u-boot.cfg.
Adding new CONFIG entires to u-boot should be kconfig driven so this patch
does just that.
Signed-off-by: Bryan O'Donoghue
Reviewed-by: Ryan Harkin
---
lib/optee/Kconfig | 6 ++
1 file changed, 6 insertions(+)
diff --git a/lib/optee/Kconfig b/lib/
This patch makes it possible to verify the contents and location of an
OPTEE image in DRAM prior to handing off control to that image. If image
verification fails we won't try to boot any further.
Signed-off-by: Bryan O'Donoghue
Suggested-by: Andrew F. Davis
Cc: Harinarayan Bhatta
Cc
On 16/03/18 08:17, Lothar Waßmann wrote:
'setexpr hab_ivt_addr ${loadaddr} + 0x400' could not do as well?
That might work too. I'll check.
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
On 15/03/18 16:54, Breno Matheus Lima wrote:
Hi Bryan,
2018-03-09 14:35 GMT-03:00 Bryan O'Donoghue :
This patch adds IVT_PAD_SIZE at 0xC00. The IVT header is padded to this
size. Defining the size explicitly makes it possible to use the define to
locate the start/end of an IVT header wi
On 15/03/18 17:15, Breno Matheus Lima wrote:
If I run this command without any parameter the code is wrongly
executed, and the system goes to USB recovery mode.
Oops.
I'll fix that so.
---
bod
___
U-Boot mailing list
U-Boot@lists.denx.de
https://l
On 20/03/18 01:53, Breno Matheus Lima wrote:
Hi Bryan,
2018-03-17 8:06 GMT-03:00 Bryan O'Donoghue :
On 15/03/18 16:54, Breno Matheus Lima wrote:
Hi Bryan,
2018-03-09 14:35 GMT-03:00 Bryan O'Donoghue :
This patch adds IVT_PAD_SIZE at 0xC00. The IVT header is padded to
in one place - again allowing for scripting to reuse instead of
replicate functionality over and over again.
These helper functions could all be buried in the board-port but, they are
made available here in the hopes they will be of use to others.
Bryan O'Donoghue (3):
imximage: Encase maj
Subsequent patches will want to include imageimage.h but in doing so
include it on an assembly compile path causing a range of compile errors.
Fix the errors pre-emptively by encasing the majority of the declarations
in imximage.h inside an ifdef __ASSEMBLY__ block.
Signed-off-by: Bryan
continue to follow the first-stage authentication layout.
This patch defines the first stage offset with an upcoming set of BSP
patches making use of that offset subsequently.
Signed-off-by: Bryan O'Donoghue
Cc: Utkarsh Gupta
Cc: Breno Lima
Cc: Fabio Estevam
---
include/imximage.h | 3 +++
1
images can be run.
It's possible to script this logic but, when done over and over again the
environment starts get very complex and repetitive, reducing that script
repetition down to a command line function makes sense.
Signed-off-by: Bryan O'Donoghue
Cc: Utkarsh Gupta
Cc: Breno Lima
mated LAVA testing environment, hopefully its useful and
acceptable to others.
Bryan O'Donoghue (3):
imx: mx7: Fix CONFIG_SERIAL_TAG compilation
imx: mx7: Add comment to describe OTP TESTER registers
warp7: Set u-boot serial# based on OTP value
arch/arm/mach-imx
Currently when we define CONFIG_SERIAL_TAG we will barf with a failure to
define "struct tag_serialnr".
This structure is defined in , this patch includes
to fix.
Signed-off-by: Bryan O'Donoghue
Cc: Fabio Estevam
Cc: Peng Fan
Cc: Stefano Babic
Reviewed-by: Fabio Estevam
---
Unique ID
10:0
- FSL-wide unique, encoded LOT ID STD II/SJC CHALLENGE/ Unique ID
The 64 bits of data generate a unique serial number per-chip.
Signed-off-by: Bryan O'Donoghue
Cc: Fabio Estevam
Cc: Peng Fan
Cc: Stefano Babic
Reviewed-by: Fabio Estevam
---
arch/arm/mach-imx
ad.
With this patch in place the USB mass storage device will appear in
/dev/disk/by-id with a unique name based on the OTP value. For example
/dev/disk/by-id/usb-Linux_UMS_disk_0_WaRP7-0xf42400d301d4-0:0
Signed-off-by: Bryan O'Donoghue
Cc: Fabio Estevam
Cc: Rui Miguel Silva
Cc: Ryan H
On 26/03/18 15:15, Fabio Estevam wrote:
On Mon, Mar 26, 2018 at 11:11 AM, Bryan O'Donoghue
wrote:
+/* Specify the offset of the IVT in the IMX header as expected by BootROM */
+#define BOOTROM_IVT_HDR_OFFSET 0xC00
You introduce this new define, but there is no user for it.
Ah not
On 26/03/18 15:31, Fabio Estevam wrote:
On Mon, Mar 26, 2018 at 11:30 AM, Bryan O'Donoghue
wrote:
Ah not _yet_
There's a bunch of code in a BSP mod I plan to bomb the list with that makes
use of this.
In this case, please make this patch part of the series where we
actually see
they are
made available here in the hopes they will be of use to others.
Bryan O'Donoghue (2):
imximage: Encase majority of header in __ASSEMBLY__ declaration
imx: hab: Provide hab_auth_img_or_fail command
arch/arm/mach-imx/hab.c | 35 +++
include/imximage
Subsequent patches will want to include imageimage.h but in doing so
include it on an assembly compile path causing a range of compile errors.
Fix the errors pre-emptively by encasing the majority of the declarations
in imximage.h inside an ifdef __ASSEMBLY__ block.
Signed-off-by: Bryan
images can be run.
It's possible to script this logic but, when done over and over again the
environment starts get very complex and repetitive, reducing that script
repetition down to a command line function makes sense.
Signed-off-by: Bryan O'Donoghue
Cc: Utkarsh Gupta
Cc: Breno Lima
reeable) from [<8076aa38>]
(kernel_init+0x8/0xe8)
[<8076aa38>] (kernel_init) from [<8000f468>] (ret_from_fork+0x14/0x2c)
Code: e59d300c e2832010 e5843008 e5834068 (e58a2004)
---[ end trace d5f941204ed8cb29 ]---
Kernel panic - not syncing: Attempted to kill init! exitcode=0x0
continue to follow the first-stage authentication layout.
This patch defines the first stage offset which later patch make use of.
Signed-off-by: Bryan O'Donoghue
Cc: Utkarsh Gupta
Cc: Breno Lima
Cc: Fabio Estevam
---
include/imximage.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/in
ID mmcpart will be used to pass root id to kernel
setenv rootpart ${mmcpart}
run finduuid;
run mmcargs;
# Now boot
echo Booting secure Linux/OPTEE OS from mmc ...;
bootm ${optee_addr} - ${fdt_addr};
# Failsafe if something goes wrong
hab_failsafe
Bryan O'Donoghue (18):
imximage: Specify
Signed-off-by: Bryan O'Donoghue
---
configs/warp7_secure_defconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/configs/warp7_secure_defconfig b/configs/warp7_secure_defconfig
index d1d2495..0d46aa7 100644
--- a/configs/warp7_secure_defconfig
+++ b/configs/warp7_secure_defconf
nt because it gives the addresses for the HAB
that we will require to sign the u-boot image using the CST. Since the
addresses can change this logfile is a critical output.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/imximage.cfg | 4
1 file changed, 4 insertions(+)
diff --gi
Right now a region of 0x30 bytes is allocated at the end of DRAM for
the purposes of loading an OPTEE firmware inside of it. This patch adds the
printout of the relevant address ranges.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/warp7.c | 10 ++
1 file changed, 10 inser
This patch replaces the current "fatload" command with an environment
variable. Making the load command into an environment variable means we can
change filesystem type in boot.scr and reuse existing commands within that
boot script.
Signed-off-by: Bryan O'Donoghue
---
include/
Requires setting CONFIG_OPTEE=y and setting an OPTEE TrustZone DRAM base in
include/configs/warp7.h.
Signed-off-by: Bryan O'Donoghue
---
configs/warp7_secure_defconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/configs/warp7_secure_defconfig b/configs/warp7_secure_defconfig
+ Breno
Forget to add you to the CC Breno bod < sleep
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
Various function associated with booting the WaRP7 in High Assurance Boot
(HAB) mode are enabled by switching on CONFIG_SECURE_BOOT.
This patch enables CONFIG_SECURE_BOOT for the WaRP7 defconfig.
Signed-off-by: Bryan O'Donoghue
---
configs/warp7_secure_defconfig | 1 +
1 file chang
have
the real load addresses exported in uboot.cfg.
ivt_offset represents the addition or subtraction from the load address
that must happen to find an IVT header.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/co
We need to know the name of a signed boot-script, its better to have a
separate variable for this then to simply append some fixed string to an
existing image name.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/co
setexpr allows us to do arithmetic for env variables - something that is
both useful and required when doing HAB authentication without hard-coding
HAB load addresses.
Enable setexpr in the secure defconfig - it's not required for the unsecure
version.
Signed-off-by: Bryan O
_addr} ${filesize} 0".
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/configs/warp7.h b/include/configs/warp7.h
index 53fbcb2..c957b2d 100644
--- a/include/configs/warp7.h
+++ b/include/configs/warp7.h
@@ -50,6 +50,7 @@
Signed-off-by: Bryan O'Donoghue
---
board/warp7/warp7.c | 8
include/configs/warp7.h | 3 +++
2 files changed, 11 insertions(+)
diff --git a/board/warp7/warp7.c b/board/warp7/warp7.c
index 327f656..0d3d324 100644
--- a/board/warp7/warp7.c
+++ b/board/warp7/warp7.c
@@ -10,6 +10
Adding CONFIG_WARP7_ROOT_PART allows a defconfig to specify which partition
is use as the root partition on WaRP7, this is a desirable change in order
to support a different partitioning schemes. The default is the current
partition #1.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/Kc
boot script to select ping or pong as necessary without
reprogramming the bootloader.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/include/configs/warp7.h b/include/configs/warp7.h
index a92e675..f2ee09b 1
makes the OPTEE_LOAD_ADDR available via u-boot.cfg for further
parsing by external tools.
Signed-off-by: Bryan O'Donoghue
Reviewed-by: Ryan Harkin
---
configs/warp7_secure_defconfig | 1 +
include/configs/warp7.h| 1 +
2 files changed, 2 insertions(+)
diff --git a/co
.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/warp7.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/board/warp7/warp7.c b/board/warp7/warp7.c
index 0d3d324..56f0cdd 100644
--- a/board/warp7/warp7.c
+++ b/board/warp7/warp7.c
@@ -58,6 +58,11 @@ int dram_init(void)
{
gd->
prior to executing the commands contained in boot.scr.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 9 +
1 file changed, 9 insertions(+)
diff --git a/include/configs/warp7.h b/include/configs/warp7.h
index adf25ac..2a2d431 100644
--- a/include/configs/warp7.h
+++
-by: Bryan O'Donoghue
Reviewed-by: Ryan Harkin
---
board/warp7/Kconfig | 6 ++
include/configs/warp7.h | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/board/warp7/Kconfig b/board/warp7/Kconfig
index 61c33fb..00df19d 100644
--- a/board/warp7/Kconfig
+++ b/board/
On 30/03/18 15:53, Fabio Estevam wrote:
Hi Bryan,
On Fri, Mar 30, 2018 at 7:55 AM, Bryan O'Donoghue
wrote:
Booting the following image with tip-of-tree we get a CAAM DECO error (and
subsequent crash due to a kernel bug in 4.1).
For booting NXP based kernel you shoul
On 30/03/18 16:05, Fabio Estevam wrote:
This will conflict with Pierre-Jean's recent patch series that makes
use of the generic load command:
https://lists.denx.de/pipermail/u-boot/2018-March/324065.html
and
https://lists.denx.de/pipermail/u-boot/2018-March/324066.html
Would his approach w
x the bug and zap the fat !
Bryan O'Donoghue (2):
warp7: defconfig: Fix CAAM on boot with tip-of-tree
warp7: secure_defconfig: Remove secure_defconfig
configs/warp7_defconfig| 1 +
configs/warp7_secure_defconfig | 42 --
2 files changed, 1
reeable) from [<8076aa38>]
(kernel_init+0x8/0xe8)
[<8076aa38>] (kernel_init) from [<8000f468>] (ret_from_fork+0x14/0x2c)
Code: e59d300c e2832010 e5843008 e5834068 (e58a2004)
---[ end trace d5f941204ed8cb29 ]---
Kernel panic - not syncing: Attempted to kill init! exitcode=0x0
there's no need to support the secure defconfig - drop it now.
Signed-off-by: Bryan O'Donoghue
Suggested-by: Fabio Estevam
---
configs/warp7_secure_defconfig | 42 --
1 file changed, 42 deletions(-)
delete mode 100644 configs/warp7_secure_defconfig
as-is so, in this
context there appears to be no justification for keeping separate
configuration files.
Fix the bug and zap the fat !
Bryan O'Donoghue (2):
warp7: defconfig: Fix CAAM on boot with tip-of-tree
warp7: secure_defconfig: Remove secure_defconfig
board/warp7/MAINTAINERS
there's no need to support the secure defconfig - drop it now.
Signed-off-by: Bryan O'Donoghue
Suggested-by: Fabio Estevam
Reviewed-by: Fabio Estevam
---
board/warp7/MAINTAINERS| 1 -
configs/warp7_secure_defconfig | 42 --
2 files c
reeable) from [<8076aa38>]
(kernel_init+0x8/0xe8)
[<8076aa38>] (kernel_init) from [<8000f468>] (ret_from_fork+0x14/0x2c)
Code: e59d300c e2832010 e5843008 e5834068 (e58a2004)
---[ end trace d5f941204ed8cb29 ]---
Kernel panic - not syncing: Attempted to kill init! exitcode=0x00
93882/
Could you drop the part of this patch for warp7_secure_defconfig - in a v3 ?
That way my patch and your patch can apply independently and in any order
Acked-by: Bryan O'Donoghue
---
bod
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lis
_DFU_MMC=y
CONFIG_USB=y
Acked-by: Bryan O'Donoghue
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
cdev}:${mmcpart} ${loadaddr} ${image}\0" \
+ "loadfdt=load mmc ${mmcdev}:${mmcpart} ${fdt_addr} ${fdt_file}\0" \
"mmcboot=echo Booting from mmc ...; " \
"run finduuid; " \
"run mmcargs; " \
Acked-by: Bryan O'Donoghue
___
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot
oot id to kernel
setenv rootpart ${mmcpart}
run finduuid;
run mmcargs;
# Now boot
echo Booting secure Linux/OPTEE OS from mmc ...;
bootm ${optee_addr} - ${fdt_addr};
# Failsafe if something goes wrong
hab_failsafe
Bryan O'Donoghue (17):
imximage: Specify default IVT offset in IMX image
warp7:
continue to follow the first-stage authentication layout.
This patch defines the first stage offset which later patch make use of.
Signed-off-by: Bryan O'Donoghue
Cc: Utkarsh Gupta
Cc: Breno Lima
Cc: Fabio Estevam
---
include/imximage.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/in
Requires setting CONFIG_OPTEE=y and setting an OPTEE TrustZone DRAM base in
include/configs/warp7.h.
Signed-off-by: Bryan O'Donoghue
---
configs/warp7_defconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/configs/warp7_defconfig b/configs/warp7_defconfig
index d720bac..3dbcd69 1
Signed-off-by: Bryan O'Donoghue
---
board/warp7/warp7.c | 8
include/configs/warp7.h | 3 +++
2 files changed, 11 insertions(+)
diff --git a/board/warp7/warp7.c b/board/warp7/warp7.c
index 327f656..0d3d324 100644
--- a/board/warp7/warp7.c
+++ b/board/warp7/warp7.c
@@ -10,6 +10
-by: Bryan O'Donoghue
Reviewed-by: Ryan Harkin
---
board/warp7/Kconfig | 6 ++
include/configs/warp7.h | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/board/warp7/Kconfig b/board/warp7/Kconfig
index 61c33fb..00df19d 100644
--- a/board/warp7/Kconfig
+++ b/board/
Adding CONFIG_WARP7_ROOT_PART allows a defconfig to specify which partition
is use as the root partition on WaRP7, this is a desirable change in order
to support a different partitioning schemes. The default is the current
partition #2.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/Kc
nt because it gives the addresses for the HAB
that we will require to sign the u-boot image using the CST. Since the
addresses can change this logfile is a critical output.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/imximage.cfg | 4
1 file changed, 4 insertions(+)
diff --gi
_addr} ${filesize} 0".
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/configs/warp7.h b/include/configs/warp7.h
index 0ed95d8..454bc1c 100644
--- a/include/configs/warp7.h
+++ b/include/configs/warp7.h
@@ -50,6 +50,7 @@
boot script to select ping or pong as necessary without
reprogramming the bootloader.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/include/configs/warp7.h b/include/configs/warp7.h
index 344042c..54b3b31 1
We need to know the name of a signed boot-script, its better to have a
separate variable for this then to simply append some fixed string to an
existing image name.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/co
Right now a region of 0x30 bytes is allocated at the end of DRAM for
the purposes of loading an OPTEE firmware inside of it. This patch adds the
printout of the relevant address ranges.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/warp7.c | 10 ++
1 file changed, 10 inser
.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/warp7.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/board/warp7/warp7.c b/board/warp7/warp7.c
index 0d3d324..56f0cdd 100644
--- a/board/warp7/warp7.c
+++ b/board/warp7/warp7.c
@@ -58,6 +58,11 @@ int dram_init(void)
{
gd->
Signed-off-by: Bryan O'Donoghue
---
configs/warp7_defconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/configs/warp7_defconfig b/configs/warp7_defconfig
index efb6f51..d5dc009 100644
--- a/configs/warp7_defconfig
+++ b/configs/warp7_defconfig
@@ -47,3 +47,4 @@ CONFIG_USBNET_HOST_
Various function associated with booting the WaRP7 in High Assurance Boot
(HAB) mode are enabled by switching on CONFIG_SECURE_BOOT.
This patch enables CONFIG_SECURE_BOOT for the WaRP7 defconfig.
Signed-off-by: Bryan O'Donoghue
---
configs/warp7_defconfig | 1 +
1 file changed, 1 inse
setexpr allows us to do arithmetic for env variables - something that is
both useful and required when doing HAB authentication without hard-coding
HAB load addresses.
Enable setexpr in the secure defconfig - it's not required for the unsecure
version.
Signed-off-by: Bryan O
makes the OPTEE_LOAD_ADDR available via u-boot.cfg for further
parsing by external tools.
Signed-off-by: Bryan O'Donoghue
Reviewed-by: Ryan Harkin
---
configs/warp7_defconfig | 1 +
include/configs/warp7.h | 1 +
2 files changed, 2 insertions(+)
diff --git a/configs/warp7_defconfig b/co
prior to executing the commands contained in boot.scr.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 9 +
1 file changed, 9 insertions(+)
diff --git a/include/configs/warp7.h b/include/configs/warp7.h
index fe9b7d5..f340bff 100644
--- a/include/configs/warp7.h
+++
have
the real load addresses exported in uboot.cfg.
ivt_offset represents the addition or subtraction from the load address
that must happen to find an IVT header.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/co
i.MX processors but for now this is only tested on
i.MX7 as working.
Signed-off-by: Bryan O'Donoghue
---
arch/arm/include/asm/mach-imx/sys_proto.h | 1 +
arch/arm/mach-imx/mx7/Makefile| 2 +-
arch/arm/mach-imx/mx7/snvs.c | 22 ++
arch/arm/ma
+ Stefano
On 05/04/18 19:46, Bryan O'Donoghue wrote:
Working with HAB on the i.MX7 we've encountered a case where a board that
successfully authenticates u-boot when booting Linux via OPTEE subsequently
fails to properly bring up the RTC.
The RTC registers live in the low-power bl
On 05/04/18 20:29, Fabio Estevam wrote:
Hi Bryan,
On Thu, Apr 5, 2018 at 3:46 PM, Bryan O'Donoghue
wrote:
--- a/arch/arm/mach-imx/mx7/soc.c
+++ b/arch/arm/mach-imx/mx7/soc.c
@@ -180,6 +180,8 @@ int arch_cpu_init(void)
isolate_resource();
#endif
+ init_snvs();
Shou
On 07/04/18 13:36, Breno Matheus Lima wrote:
Hi Bryan,
2018-04-02 19:42 GMT-03:00 Bryan O'Donoghue :
Right now a region of 0x30 bytes is allocated at the end of DRAM for
the purposes of loading an OPTEE firmware inside of it. This patch adds the
printout of the relevant address r
On 07/04/18 13:32, Breno Matheus Lima wrote:
Hi Bryan,
2018-04-02 19:42 GMT-03:00 Bryan O'Donoghue :
This patch enables CONFIG_BOOTM_TEE. Once enabled its possible to
chain-load Linux through OPTEE.
Loading kernel to 0x8080
=> run loadimage
Load FDT to 0x8300
=> run lo
operation. The load address may not be aligned to a cache-line boundary, so
ensure the passed address is aligned.
Signed-off-by: Bryan O'Donoghue
Reported-by: Breno Matheus Lima
Cc: Simon Glass
---
common/bootm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/c
On 07/04/18 13:23, Breno Matheus Lima wrote:
Hi Bryan,
2018-04-02 19:42 GMT-03:00 Bryan O'Donoghue :
In order to sign images with the IMX code-signing-tool (CST) we need to
know the load address of a given image. The best way to derive this load
address is to make it into a define - so
continue to follow the first-stage authentication layout.
This patch defines the first stage offset which later patch make use of.
Signed-off-by: Bryan O'Donoghue
Cc: Utkarsh Gupta
Cc: Breno Lima
Cc: Fabio Estevam
---
include/imximage.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/in
ptee_addr} - ${fdt_addr};
# Failsafe if something goes wrong
hab_failsafe
Bryan O'Donoghue (17):
imximage: Specify default IVT offset in IMX image
warp7: hab: Add a CSF location definition
warp7: hab: Set environment variable indicating HAB enable
warp7: defconfig: Enable OPTEE for Wa
Signed-off-by: Bryan O'Donoghue
---
configs/warp7_defconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/configs/warp7_defconfig b/configs/warp7_defconfig
index efb6f51..d5dc009 100644
--- a/configs/warp7_defconfig
+++ b/configs/warp7_defconfig
@@ -47,3 +47,4 @@ CONFIG_USBNET_HOST_
Signed-off-by: Bryan O'Donoghue
---
board/warp7/warp7.c | 8
include/configs/warp7.h | 3 +++
2 files changed, 11 insertions(+)
diff --git a/board/warp7/warp7.c b/board/warp7/warp7.c
index 327f656..0d3d324 100644
--- a/board/warp7/warp7.c
+++ b/board/warp7/warp7.c
@@ -10,6 +10
Requires setting CONFIG_OPTEE=y and setting an OPTEE TrustZone DRAM base in
include/configs/warp7.h.
Signed-off-by: Bryan O'Donoghue
---
configs/warp7_defconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/configs/warp7_defconfig b/configs/warp7_defconfig
index d720bac..3dbcd69 1
have
the real load addresses exported in uboot.cfg.
ivt_offset represents the addition or subtraction from the load address
that must happen to find an IVT header.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/co
Adding CONFIG_WARP7_ROOT_PART allows a defconfig to specify which partition
is use as the root partition on WaRP7, this is a desirable change in order
to support a different partitioning schemes. The default is the current
partition #2.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/Kc
nt because it gives the addresses for the HAB
that we will require to sign the u-boot image using the CST. Since the
addresses can change this logfile is a critical output.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/imximage.cfg | 4
1 file changed, 4 insertions(+)
diff --gi
prior to executing the commands contained in boot.scr.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 9 +
1 file changed, 9 insertions(+)
diff --git a/include/configs/warp7.h b/include/configs/warp7.h
index fe9b7d5..f340bff 100644
--- a/include/configs/warp7.h
+++
Various function associated with booting the WaRP7 in High Assurance Boot
(HAB) mode are enabled by switching on CONFIG_SECURE_BOOT.
This patch enables CONFIG_SECURE_BOOT for the WaRP7 defconfig.
Signed-off-by: Bryan O'Donoghue
---
configs/warp7_defconfig | 1 +
1 file changed, 1 inse
setexpr allows us to do arithmetic for env variables - something that is
both useful and required when doing HAB authentication without hard-coding
HAB load addresses.
This patch enables CMD_SETEXPR for the WaRP7 defconfig.
Signed-off-by: Bryan O'Donoghue
---
configs/warp7_defconfig | 2
Right now a region of 0x30 bytes is allocated at the end of DRAM for
the purposes of loading an OPTEE firmware inside of it. This patch adds the
printout of the relevant address ranges.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/warp7.c | 10 ++
1 file changed, 10 inser
makes the OPTEE_LOAD_ADDR available via u-boot.cfg for further
parsing by external tools.
Signed-off-by: Bryan O'Donoghue
Reviewed-by: Ryan Harkin
---
configs/warp7_defconfig | 1 +
include/configs/warp7.h | 1 +
2 files changed, 2 insertions(+)
diff --git a/configs/warp7_defconfig b/co
.
Signed-off-by: Bryan O'Donoghue
---
board/warp7/warp7.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/board/warp7/warp7.c b/board/warp7/warp7.c
index 0d3d324..56f0cdd 100644
--- a/board/warp7/warp7.c
+++ b/board/warp7/warp7.c
@@ -58,6 +58,11 @@ int dram_init(void)
{
gd->
-by: Bryan O'Donoghue
Reviewed-by: Ryan Harkin
---
board/warp7/Kconfig | 6 ++
include/configs/warp7.h | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/board/warp7/Kconfig b/board/warp7/Kconfig
index 61c33fb..00df19d 100644
--- a/board/warp7/Kconfig
+++ b/board/
_addr} ${filesize} 0".
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/configs/warp7.h b/include/configs/warp7.h
index 0ed95d8..454bc1c 100644
--- a/include/configs/warp7.h
+++ b/include/configs/warp7.h
@@ -50,6 +50,7 @@
boot script to select ping or pong as necessary without
reprogramming the bootloader.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/include/configs/warp7.h b/include/configs/warp7.h
index 344042c..54b3b31 1
We need to know the name of a signed boot-script, its better to have a
separate variable for this then to simply append some fixed string to an
existing image name.
Signed-off-by: Bryan O'Donoghue
---
include/configs/warp7.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/include/co
On 13/04/18 17:27, Tom Rini wrote:
- flush_cache(load, ALIGN(*load_end - load, ARCH_DMA_MINALIGN));
+ flush_cache(ALIGN(load, ARCH_DMA_MINALIGN),
+ ALIGN(*load_end - load, ARCH_DMA_MINALIGN));
Am I wrong in thinking that we would want ALIGN_DOWN for load here?
N
operation. The load address may not be aligned to a cache-line boundary, so
ensure the passed address is aligned.
Signed-off-by: Bryan O'Donoghue
Reported-by: Breno Matheus Lima
Suggested-by: Tom Rini
Cc: Simon Glass
---
common/bootm.c | 8 +++-
1 file changed, 7 insertions(+), 1 de
On 16/04/18 17:49, Simon Glass wrote:
On 15 April 2018 at 04:48, Bryan O'Donoghue wrote:
commit b4d956f6bc0f ("bootm: Align cache flush end address correctly")
aligns the end address of the cache flush operation to a cache-line size to
ensure lower-layers in the code a
On 17/04/18 23:21, Simon Glass wrote:
Hi Bryan,
On 17 April 2018 at 03:27, Bryan O'Donoghue wrote:
On 16/04/18 17:49, Simon Glass wrote:
On 15 April 2018 at 04:48, Bryan O'Donoghue wrote:
commit b4d956f6bc0f ("bootm: Align cache flush end address correctly")
al
and select
CONFIG_ARMV7_BOOT_SEC_DEFAULT inside mx7dsabresd_defconfig so that
this target could be used to boot both mainline and the vendor kernel.
This makes maintenance task easier and avoid potentially confusion
for the end user.
Signed-off-by: Fabio Estevam
Acked-by: Bryan O'Don
301 - 400 of 580 matches
Mail list logo