From patchwork Wed Apr 5 22:40:47 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Praneeth Bajjuri X-Patchwork-Id: 1765787 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.a=rsa-sha256 header.s=ti-com-17Q1 header.b=ohIGCv+/; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4PsKNg0H90z1yYy for ; Thu, 6 Apr 2023 08:41:05 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 6D8A384D00; Thu, 6 Apr 2023 00:40:56 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.b="ohIGCv+/"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 3F65A85FA9; Thu, 6 Apr 2023 00:40:55 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from fllv0016.ext.ti.com (fllv0016.ext.ti.com [198.47.19.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id E75E183523 for ; Thu, 6 Apr 2023 00:40:51 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=praneeth@ti.com Received: from fllv0035.itg.ti.com ([10.64.41.0]) by fllv0016.ext.ti.com (8.15.2/8.15.2) with ESMTP id 335MemqN120008; Wed, 5 Apr 2023 17:40:48 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1680734448; bh=XEhrVHOUq3dnnBrkhalEBX8uW6xcvLJkWrHqY/12ydA=; h=From:To:CC:Subject:Date; b=ohIGCv+/U0mBdT3f7u0ckciyLyOMqiNakGvo91Ovi2/IGaFYQyReJguZpfYhXjW0N vwsvImM6gs7SZZ2dnP2jdB/yeXDpd/AdKAyimi79UcsbuZCFe3vtyZ4izAFzEN5Ycs Y1xOyYGHN0TLELDUXLAH39nq3aF9ZcUeixR+fnyQ= Received: from DFLE110.ent.ti.com (dfle110.ent.ti.com [10.64.6.31]) by fllv0035.itg.ti.com (8.15.2/8.15.2) with ESMTPS id 335MemtQ076916 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Wed, 5 Apr 2023 17:40:48 -0500 Received: from DFLE104.ent.ti.com (10.64.6.25) by DFLE110.ent.ti.com (10.64.6.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.16; Wed, 5 Apr 2023 17:40:48 -0500 Received: from fllv0040.itg.ti.com (10.64.41.20) by DFLE104.ent.ti.com (10.64.6.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.16 via Frontend Transport; Wed, 5 Apr 2023 17:40:48 -0500 Received: from praneethhome (ileaxei01-snat.itg.ti.com [10.180.69.5]) by fllv0040.itg.ti.com (8.15.2/8.15.2) with ESMTP id 335MemOK091516; Wed, 5 Apr 2023 17:40:48 -0500 Received: from praneeth by praneethhome with local (Exim 4.90_1) (envelope-from ) id 1pkBo7-0003kL-Va; Wed, 05 Apr 2023 17:40:47 -0500 From: Praneeth Bajjuri To: , , Tom Rini CC: Kamlesh Gurudasani , Bryan Brattlof Subject: [PATCH] configs: am62x: enable secure device configs by default Date: Wed, 5 Apr 2023 17:40:47 -0500 Message-ID: <20230405224047.14363-1-praneeth@ti.com> X-Mailer: git-send-email 2.17.1 MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean Enable the CONFIG_TI_SECURE_DEVICE by default Non-HS devices will continue to boot due to runtime device type detection. TI's security enforcing SoCs will authenticate each binary it loads by comparing it's signature with keys etched into the SoC during the boot up process. The am62x family of SoCs by default will have some level of security enforcement checking. To keep things as simple as possible, enable the CONFIG_TI_SECURE_DEVICE options by default so all levels of secure SoCs will work out of the box Signed-off-by: Praneeth Bajjuri Signed-off-by: Kamlesh Gurudasani Signed-off-by: Bryan Brattlof --- configs/am62x_evm_a53_defconfig | 1 + configs/am62x_evm_r5_defconfig | 1 + 2 files changed, 2 insertions(+) diff --git a/configs/am62x_evm_a53_defconfig b/configs/am62x_evm_a53_defconfig index cc9c8eab3e..fc76d88727 100644 --- a/configs/am62x_evm_a53_defconfig +++ b/configs/am62x_evm_a53_defconfig @@ -1,5 +1,6 @@ CONFIG_ARM=y CONFIG_ARCH_K3=y +CONFIG_TI_SECURE_DEVICE=y CONFIG_SYS_MALLOC_F_LEN=0x8000 CONFIG_SPL_LIBCOMMON_SUPPORT=y CONFIG_SPL_LIBGENERIC_SUPPORT=y diff --git a/configs/am62x_evm_r5_defconfig b/configs/am62x_evm_r5_defconfig index 44a9130d99..cab8c820f9 100644 --- a/configs/am62x_evm_r5_defconfig +++ b/configs/am62x_evm_r5_defconfig @@ -1,5 +1,6 @@ CONFIG_ARM=y CONFIG_ARCH_K3=y +CONFIG_TI_SECURE_DEVICE=y CONFIG_SYS_MALLOC_LEN=0x08000000 CONFIG_SYS_MALLOC_F_LEN=0x9000 CONFIG_SPL_LIBCOMMON_SUPPORT=y