From patchwork Wed Apr 3 12:03:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dhruva Gole X-Patchwork-Id: 1919264 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.a=rsa-sha256 header.s=ti-com-17Q1 header.b=poeke/oU; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org) Received: from phobos.denx.de (phobos.denx.de [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4V8k1S60x3z23tv for ; Wed, 3 Apr 2024 23:03:56 +1100 (AEDT) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 6001C8834D; Wed, 3 Apr 2024 14:03:50 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.b="poeke/oU"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 4133988367; Wed, 3 Apr 2024 14:03:49 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from fllv0016.ext.ti.com (fllv0016.ext.ti.com [198.47.19.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 4AA628833D for ; Wed, 3 Apr 2024 14:03:46 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=d-gole@ti.com Received: from lelv0266.itg.ti.com ([10.180.67.225]) by fllv0016.ext.ti.com (8.15.2/8.15.2) with ESMTP id 433C3gFq024308; Wed, 3 Apr 2024 07:03:42 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1712145822; bh=XGlee1/IzwxwjpkrApbDM+6dM43uke5oe/zqmpCMzSo=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=poeke/oU907DFYplDLgxFEGALbWQC5+HiBXo2Xx6/9ZspW3sF80nY/fVw8729zh9V qFXaeLq7/NAu7oSLucTb+Xkdum0TmQgf33sinf/1Ne1RrQg7lBcU6DQQLj294MNqq1 A5Xb1YEtXxoq4DVeLKGsVKPLgIPggVAeJNrjSTiY= Received: from DFLE107.ent.ti.com (dfle107.ent.ti.com [10.64.6.28]) by lelv0266.itg.ti.com (8.15.2/8.15.2) with ESMTPS id 433C3gE0058040 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Wed, 3 Apr 2024 07:03:42 -0500 Received: from DFLE104.ent.ti.com (10.64.6.25) by DFLE107.ent.ti.com (10.64.6.28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23; Wed, 3 Apr 2024 07:03:42 -0500 Received: from lelvsmtp5.itg.ti.com (10.180.75.250) by DFLE104.ent.ti.com (10.64.6.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23 via Frontend Transport; Wed, 3 Apr 2024 07:03:42 -0500 Received: from dhruva.dhcp.ti.com (dhruva.dhcp.ti.com [172.24.227.68]) by lelvsmtp5.itg.ti.com (8.15.2/8.15.2) with ESMTP id 433C3T4i128691; Wed, 3 Apr 2024 07:03:40 -0500 From: Dhruva Gole To: CC: Tom Rini , Vibhore Vardhan , Neha Malcom Francis , Kamlesh Gurudasani , Dhruva Gole Subject: [PATCH 1/2] arm: mach-k3: add support for detecting TIFSSTUB images Date: Wed, 3 Apr 2024 17:33:09 +0530 Message-ID: <20240403120309.4026170-2-d-gole@ti.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240403120309.4026170-1-d-gole@ti.com> References: <20240403120309.4026170-1-d-gole@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Kamlesh Gurudasani Add support for detecting and processing TIFSSTUB images for HS, HSFS and GP devices. TIFSSTUB image for related device type will be loaded, rest TIFSSTUB images will be discarded. Example, for GP device, tifsstub-gp will be loaded, tifsstub-hs and tifsstub-fs will be discarded. Signed-off-by: Kamlesh Gurudasani Signed-off-by: Dhruva Gole Reviewed-by: Neha Malcom Francis --- arch/arm/mach-k3/r5/common.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/arch/arm/mach-k3/r5/common.c b/arch/arm/mach-k3/r5/common.c index c02f8d330998..0f6c294f1eb2 100644 --- a/arch/arm/mach-k3/r5/common.c +++ b/arch/arm/mach-k3/r5/common.c @@ -24,6 +24,9 @@ enum { IMAGE_ID_OPTEE, IMAGE_ID_SPL, IMAGE_ID_DM_FW, + IMAGE_ID_TIFSSTUB_HS, + IMAGE_ID_TIFSSTUB_FS, + IMAGE_ID_T, IMAGE_AMT, }; @@ -33,6 +36,9 @@ static const char *image_os_match[IMAGE_AMT] = { "tee", "U-Boot", "DM", + "tifsstub-hs", + "tifsstub-fs", + "tifsstub-gp", }; #endif @@ -314,6 +320,24 @@ void board_fit_image_post_process(const void *fit, int node, void **p_image, break; } } + + if (i < IMAGE_AMT && i > IMAGE_ID_DM_FW) { + int device_type = get_device_type(); + + if ((device_type == K3_DEVICE_TYPE_HS_SE && + strcmp(os, "tifsstub-hs")) || + (device_type == K3_DEVICE_TYPE_HS_FS && + strcmp(os, "tifsstub-fs")) || + (device_type == K3_DEVICE_TYPE_GP && + strcmp(os, "tifsstub-gp"))) { + *p_size = 0; + } else { + debug("tifsstub-type: %s\n", os); + } + + return; + } + /* * Only DM and the DTBs are being authenticated here, * rest will be authenticated when A72 cluster is up From patchwork Wed Apr 3 12:03:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dhruva Gole X-Patchwork-Id: 1919265 X-Patchwork-Delegate: trini@ti.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.a=rsa-sha256 header.s=ti-com-17Q1 header.b=V3EgVHum; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4V8k1l4RDFz23tv for ; Wed, 3 Apr 2024 23:04:11 +1100 (AEDT) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id C5A778832D; Wed, 3 Apr 2024 14:03:54 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=ti.com header.i=@ti.com header.b="V3EgVHum"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 4FBEE8833D; Wed, 3 Apr 2024 14:03:53 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from lelv0143.ext.ti.com (lelv0143.ext.ti.com [198.47.23.248]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 3429F88367 for ; Wed, 3 Apr 2024 14:03:51 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=quarantine dis=none) header.from=ti.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=d-gole@ti.com Received: from lelv0265.itg.ti.com ([10.180.67.224]) by lelv0143.ext.ti.com (8.15.2/8.15.2) with ESMTP id 433C3mMV077067; Wed, 3 Apr 2024 07:03:48 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ti.com; s=ti-com-17Q1; t=1712145828; bh=R9Nbd9tyaPsYDnEX8+TdVXz68n68A+WMWPsqcrq0/5U=; h=From:To:CC:Subject:Date:In-Reply-To:References; b=V3EgVHumqRITifoXrf9Opr1GIju4FgZZHaEycZ0nrDtB8vR087bpsFggQIsJ1YY+w eKq2TnOlY/nqiEMKpROJw0hRXatqe1zKKmy7wUzd8eeD485QKGSUmN7rObdLU6jCoX bxxf0mkVwCPj8i9iQcWOU9JjbYWPdg7CueWh+rJE= Received: from DFLE113.ent.ti.com (dfle113.ent.ti.com [10.64.6.34]) by lelv0265.itg.ti.com (8.15.2/8.15.2) with ESMTPS id 433C3mJD006161 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=FAIL); Wed, 3 Apr 2024 07:03:48 -0500 Received: from DFLE109.ent.ti.com (10.64.6.30) by DFLE113.ent.ti.com (10.64.6.34) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23; Wed, 3 Apr 2024 07:03:48 -0500 Received: from lelvsmtp5.itg.ti.com (10.180.75.250) by DFLE109.ent.ti.com (10.64.6.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.2507.23 via Frontend Transport; Wed, 3 Apr 2024 07:03:48 -0500 Received: from dhruva.dhcp.ti.com (dhruva.dhcp.ti.com [172.24.227.68]) by lelvsmtp5.itg.ti.com (8.15.2/8.15.2) with ESMTP id 433C3T4j128691; Wed, 3 Apr 2024 07:03:46 -0500 From: Dhruva Gole To: CC: Tom Rini , Vibhore Vardhan , Neha Malcom Francis , Kamlesh Gurudasani , Dhruva Gole Subject: [PATCH 2/2] arm: dts: k3: binman: am625: add support for signing TIFSSTUB Images Date: Wed, 3 Apr 2024 17:33:10 +0530 Message-ID: <20240403120309.4026170-3-d-gole@ti.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240403120309.4026170-1-d-gole@ti.com> References: <20240403120309.4026170-1-d-gole@ti.com> MIME-Version: 1.0 X-EXCLAIMER-MD-CONFIG: e1e8a2fd-e40a-4ac6-ac9b-f7e9cc9ee180 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Kamlesh Gurudasani Add support for signing of TIFSSTUB images for HSSE, HSFS and GP devices and include them in tispl.bin and tispl.bin_unsigned. Signed-off-by: Kamlesh Gurudasani Signed-off-by: Dhruva Gole Reviewed-by: Neha Malcom Francis --- arch/arm/dts/k3-am625-sk-binman.dtsi | 141 ++++++++++++++++++++++++++- 1 file changed, 139 insertions(+), 2 deletions(-) diff --git a/arch/arm/dts/k3-am625-sk-binman.dtsi b/arch/arm/dts/k3-am625-sk-binman.dtsi index 5b058bd03a07..dfd38d64f638 100644 --- a/arch/arm/dts/k3-am625-sk-binman.dtsi +++ b/arch/arm/dts/k3-am625-sk-binman.dtsi @@ -151,11 +151,107 @@ filename = "ti-dm/am62xx/ipc_echo_testb_mcu1_0_release_strip.xer5f"; }; }; + + tifsstub-hs { + filename = "tifsstub.bin_hs"; + ti-secure-rom { + content = <&tifsstub_hs_cert>; + core = "secure"; + load = <0x40000>; + sw-rev = ; + keyfile = "custMpk.pem"; + countersign; + tifsstub; + }; + tifsstub_hs_cert: tifsstub-hs-cert.bin { + filename = "ti-sysfw/ti-fs-stub-firmware-am62x-hs-cert.bin"; + type = "blob-ext"; + optional; + }; + tifsstub_hs_enc: tifsstub-hs-enc.bin { + filename = "ti-sysfw/ti-fs-stub-firmware-am62x-hs-enc.bin"; + type = "blob-ext"; + optional; + }; + }; + + tifsstub-fs { + filename = "tifsstub.bin_fs"; + tifsstub_fs_cert: tifsstub-fs-cert.bin { + filename = "ti-sysfw/ti-fs-stub-firmware-am62x-hs-cert.bin"; + type = "blob-ext"; + optional; + }; + tifsstub_fs_enc: tifsstub-fs-enc.bin { + filename = "ti-sysfw/ti-fs-stub-firmware-am62x-hs-enc.bin"; + type = "blob-ext"; + optional; + }; + + }; + + tifsstub-gp { + filename = "tifsstub.bin_gp"; + ti-secure-rom { + content = <&tifsstub_gp>; + core = "secure"; + load = <0x60000>; + sw-rev = ; + keyfile = "ti-degenerate-key.pem"; + tifsstub; + }; + tifsstub_gp: tifsstub-gp.bin { + filename = "ti-sysfw/ti-fs-stub-firmware-am62x-gp.bin"; + type = "blob-ext"; + optional; + }; + }; + ti-spl { insert-template = <&ti_spl_template>; fit { images { + + tifsstub-hs { + description = "TIFSSTUB"; + type = "firmware"; + arch = "arm32"; + compression = "none"; + os = "tifsstub-hs"; + load = <0x9dc00000>; + entry = <0x9dc00000>; + blob-ext { + filename = "tifsstub.bin_hs"; + }; + }; + + tifsstub-fs { + description = "TIFSSTUB"; + type = "firmware"; + arch = "arm32"; + compression = "none"; + os = "tifsstub-fs"; + load = <0x9dc00000>; + entry = <0x9dc00000>; + blob-ext { + filename = "tifsstub.bin_fs"; + }; + }; + + tifsstub-gp { + description = "TIFSSTUB"; + type = "firmware"; + arch = "arm32"; + compression = "none"; + os = "tifsstub-gp"; + load = <0x9dc00000>; + entry = <0x9dc00000>; + blob-ext { + filename = "tifsstub.bin_gp"; + }; + }; + dm { ti-secure { content = <&dm>; @@ -189,7 +285,8 @@ conf-0 { description = "k3-am625-sk"; firmware = "atf"; - loadables = "tee", "dm", "spl"; + loadables = "tee", "tifsstub-hs", "tifsstub-fs", + "tifsstub-gp", "dm", "spl"; fdt = "fdt-0"; }; }; @@ -247,6 +344,45 @@ fit { images { + tifsstub-hs { + description = "tifsstub"; + type = "firmware"; + arch = "arm32"; + compression = "none"; + os = "tifsstub-hs"; + load = <0x9dc00000>; + entry = <0x9dc00000>; + blob-ext { + filename = "tifsstub.bin_hs"; + }; + }; + + tifsstub-fs { + description = "tifsstub"; + type = "firmware"; + arch = "arm32"; + compression = "none"; + os = "tifsstub-fs"; + load = <0x9dc00000>; + entry = <0x9dc00000>; + blob-ext { + filename = "tifsstub.bin_fs"; + }; + }; + + tifsstub-gp { + description = "tifsstub"; + type = "firmware"; + arch = "arm32"; + compression = "none"; + os = "tifsstub-gp"; + load = <0x9dc00000>; + entry = <0x9dc00000>; + blob-ext { + filename = "tifsstub.bin_gp"; + }; + }; + dm { ti-dm { filename = "ti-dm.bin"; @@ -270,7 +406,8 @@ conf-0 { description = "k3-am625-sk"; firmware = "atf"; - loadables = "tee", "dm", "spl"; + loadables = "tee", "tifsstub-hs", "tifsstub-fs", + "tifsstub-gp", "dm", "spl"; fdt = "fdt-0"; }; };