For NXP platforms:
- Setup files for BL2 and BL31
- Other supporting files.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I36a1183a0652701bdede9e02d41eb976accbb017
NXP: Added warm reset handler to handle SMC PSCI_SYSTEM_RESET2
raised from kernel (> 5.4).
As part of first cold boot, DDR training data is stored in NV storage.
As part of this SMC handling, following things are done:
- DDR is put in self-refresh mode to retain the content of DDR.
- Reset cause is saved.
- Reset is triggered.
On next boot to last warm-reset, DDR training is restored from
the NV storage.
Signed-off-by: Ashish Kumar <ashish.kumar@nxp.com>
Signed-off-by: Kuldeep Singh <kuldeep.singh@nxp.com>
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Signed-off-by: Priyanka Singh <priyanka.singh@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I8e4fb0824887af49e959c93825e2ab0ba887fc9d
NV storage API(s) for NXP platforms, supported on:
- flexspi-nor
- SecMon - General Purpose Registers at Low-Power section,
retain their content if backed by a coin battery.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Id65dee4f28e7d6d2024407030039de33ebe0fa05
NXP SoCs support two TBB modes:
- MBED_TLS based
-- ROTK key hash is placed as part of the BL2 binary at section:
--- .rodata.nxp_rotpk_hash
-- Supporting non-volatile counter via SFP.
-- platform function used by TFA common authentication code.
- NXP CSF based
-- ROTK key deployment varies from MBEDTLS
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Ib0f0bf024fd93de906c5d4f609383ae9e02b2fbc
All NXP SoCs need the fip_fuse image to be
loaded additionally as part of preparation for Trusted Board Boot
- fip_fuse.bin contains an image for auto fuse provisioning.
- Auto fuse provisioning is based on the input file with values for:
-- SRK Hash
-- OTPMK
-- misc.; refer to the board manual for more details.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I26d4024fefe352d967ca120191f784f1f47aa9d1
A few NXP SoCs, like LX2160A, need ddr-phy images to be
loaded additionally before DDR initialization
- fip_ddr.bin is created containing up to 6 ddr images.
- With TRUSTED_BOARD_BOOT = 1, fip_ddr.bin is authenticated
first before loading and starting DDR initialization.
- To successfully compile this image, platform-defined header files
need to be defined:
-- include/common/tbbr/tbbr_img_def.h uses:
--- plat_tbbr_img_def.h: platform specific new FIP image macros.
-- include/tools/share/firmware_image_package.h uses:
--- plat_def_fip_uuid.h: platform specific new UUID macros.
---- Added UUID for DDR images to create FIP-DDR.
---- Added UUID for FUSE provisioning images to create FIP-fuse.
-- include/tools/share/tbbr_oid.h uses:
--- platform_oid.h: platform specific new OID macros.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Icbcf1673a8c398aae98680b5016f4276b4864b91
Function load_img() is dependent on:
- Recursively calling load_image() defined in common/bl_common.c
  for each image in the FIP.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I57ca4b666cd1b0b992b7c0fc2a4260b558c0e2a9
bl31-data file written in assembly helps to manage data at bl31.
Signed-off-by: rocket <rod.dorris@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Ic3ace03364648cc1174bb05b5b334b9ccdaaa4ed
NXP tool to create pbl from bl2 binary:
- RCW is prepended to BL2.bin
- If TRUSTED_BOARD_BOOT=1, pre-append the CSF header
to be understood by NXP boot-rom.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Iddc7336a045222e2073ddad86358ebc4440b8bcf
NXP SMMU driver API for NXP SoC.
- Currently it supports by-passing SMMU, called only when NXP CAAM
is enabled.
- (TBD) AMQ based SMMU access control: Access Management Qualifiers (AMQ)
advertised by a bus master for a given transaction.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I23a12928ddedb1a2cf4b396606e35c67e016e331
Chain of trust (CoT) is enabled on NXP SoC in two ways:
- Using MbedTLS, parsing X509 Certificates.
- Using NXP internal method parsing CSF header
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I78fb28516dfcfa667bebf8a1951ffb24bcab8de4
NXP has a hardware crypto accelerator called CAAM.
- Works with Job ring
- Jobs are submitted to CAAM in the form of a 64 word descriptor.
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I02bcfce68143b8630e1833a74c4b126972f4323d
Flexspi driver now introduces read/write/erase APIs for complete flash
size. FAST-READ is used by default, and the IP bus is used for erase, read
and write using flexspi APIs.
Framework layer is currently embedded in driver itself using flash_info
defines.
Test cases are also added to confirm flash functionality currently under
DEBUG flag.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Signed-off-by: Ashish Kumar <Ashish.Kumar@nxp.com>
Signed-off-by: Kuldeep Singh <kuldeep.singh@nxp.com>
Change-Id: I755c0f763f6297a35cad6885f84640de50f51bb0
GIC API used by NXP SoC is based on:
- arm provided drivers: /drivers/arm/gic
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: If3d470256e5bd078614f191e56062c4fbd97f8bd
NXP General Purpose Input/Output driver support for
NXP platforms.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I9a3574f1d5d12e4a65ff60f640d4e77e2defd6d4
NXP Central Security Unit (CSU) for NXP SoC.
CSU is used for:
- Access permissions for peripherals that do not have their own
access control.
- Locking of individual CSU settings until the next POR
- General purpose security related control bits
Refer to NXP SoC manuals for more details.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I07a4729c79c5e2597f8b2a782e87e09f7f30c2ca
DDR driver for NXP layerscape SoC(s):
- lx2160aqds
- lx2162aqds
- lx2160ardb
- Other Board with SoC(s) like ls1046a, ls1043a etc;
-- These other boards are not verified yet.
Signed-off-by: Rajesh Bhagat <rajesh.bhagat@nxp.com>
Signed-off-by: York Sun <york.sun@nxp.com>
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Ic84a63cb30eba054f432d479862cd4d1097cbbaf
NXP I2C driver support for NXP SoC(s).
Signed-off-by: York Sun <york.sun@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I234b76f9fa1b30dd13aa087001411370cc6c8dd0
NXP Security Monitor IP provides hardware anchored
- current security state of the SoC.
- Tamper detect etc.
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I8ff809fe2f3fd013844ab3d4a8733f53c2b06c81
NXP Security Fuse Processor is used to read and write
fuses.
- Fuses, once written, cannot be undone.
- Used as trust anchor for monotonic counter,
different platform keys etc.
Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I347e806dd87078150fbbbfc28355bb44d9eacb9c
CCN API(s) to be used by NXP SoC(s) are added.
These API(s) are based on ARM CCN driver
- driver/arm/ccn
CCI API(s) to be used by NXP SoC(s) are added.
These API(s) are based on ARM CCI driver
- driver/arm/cci
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I7682c4c9bd42f63542b3ffd3cb6c5d2effe4ae0a
NXP TZC-400 API(s) to configure ddr regions are based on:
- drivers/arm/tzc
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I524433ff9fafe1170b13e99b7de01fe957b6d305
NXP Timer APIs are based on:
- drivers/delay_timer
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I2cbccf4c082a10affee1143390905b9cc99c3382
NXP SoCs support two types of UART controller:
- PL011 - using ARM drivers sources
- 16550 - using TI drivers source
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Iacbcefd2b6e5d96f83fa00ad25b4f63a4c822bb4
Generic framework is added to include platform defined UUID.
This framework is added for the following:
- All NXP SoC based platforms need additional fip-fuse.bin
- NXP SoC lx2160a based platforms require additional fip-ddr.bin
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: Ibe05d9c596256e34077287a490dfcd5b731ef2cf
Conditional definition for the macro MAX_NUMBER_IDS.
This will allow to update this definition by the platform
specific implementation.
Since NXP SoC lx2160a based platforms require additional
FIP DDR to be loaded before initializing the DDR.
It requires addition of defines for DDR image IDs.
A dedicated header plat_tbbr_img_def.h is added to the platform
folder - plat/nxp/common/include/default/
Inclusion of this header file will depend on the compile time
flag PLAT_TBBR_IMG_DEF.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I4faba74dce578e2a34acbc8915ff75d7b8368cee
Incorrect value is picked for TF_MBEDTLS_USE_RSA definition,
even if the TF_MBEDTLS_RSA is enabled.
Due to which PK_DER_LEN is defined incorrectly.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I2ca4ca121e0287b88ea689c885ddcd45a34a3e91
Changes to 'tools/cert_create' folder, to include platform defined
certificates, keys, and extensions.
NXP SoC lx2160a based platforms require additional
FIP DDR to be loaded before initializing the DDR.
To enable chain of trust on these platforms, FIP DDR
image needs to be authenticated, additionally.
Platform specific folder 'tools/nxp/cert_create_helper'
is added to support platform specific macros and definitions.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I4752a30a9ff3aa1d403e9babe3a07ba0e6b2bf8f
Platforms which require additional images to be
verified using TBBR, such that their key certificate
is tied to TRUSTED_KEY_CERT.
For such platforms, if the make command runs twice:
- Once with targets as bl2 & fip.bin, and
- Again to build the target as the additional image.
then, if the path to the TRUSTED_KEY_CERT varies in the
makefile with the make-target of the additional image, then
there would be two locations where "trusted_key.crt" will
be created.
This patch helps overriding the TRUSTED_KEY_CERT from any .mk
in the platform's makefile structure.
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Change-Id: I775a2c409035504b21b0bbe5a4f9046898163eed
This works even on SoCs that do not have an ARISC, and it avoids
clobbering whatever ARISC firmware might be running.
Change-Id: I9f2fed597189bb387de79e8e76a7da3375e1ee91
Signed-off-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
The devicetree binding document[1] for the /reserved-memory node demands
that the number of address and size-cells in the reserved-memory node
must match those values in the root node. So far we were forcing a
64-bit address along with a 32-bit size.
Adjust the code to query the cells values from the root node, and
populate the newly created /reserved-memory node accordingly.
This fixes the fdt_add_reserved_memory() function when called on a
devicetree which does not use the 2/1 pair. Linux is picky about this
and will bail out the parsing routine, effectively ignoring the
reserved-memory node:
[ 0.000000] OF: fdt: Reserved memory: unsupported node format, ignoring
[1] Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt
in the Linux kernel source tree
Change-Id: Ie126ebab4f3fedd48e12c9ed4bd8fa123acc86d3
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
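The cell handling described in the commit above, as an added example that is not the TF-A code from that change: it encodes a /reserved-memory child's "reg" property using the root node's #address-cells and #size-cells, and checks the binding's rule that the node's values match the root's. The function names and the sample region are assumptions constructed here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Store value as `cells` big-endian 32-bit cells (devicetree byte order). */
static int put_cells(uint8_t *out, uint64_t value, int cells)
{
    if (cells < 1 || cells > 2)
        return -1;              /* only 32- and 64-bit values handled here */
    if (cells == 1 && value > UINT32_MAX)
        return -1;              /* refuse instead of silently truncating */
    for (int i = 0; i < cells * 4; i++)
        out[i] = (uint8_t)(value >> (8 * (cells * 4 - 1 - i)));
    return 0;
}

/*
 * Encode the "reg" property of a /reserved-memory child using the root
 * node's cell counts. Returns the property length in bytes, or -1.
 */
int encode_reserved_reg(uint8_t *buf, size_t buflen, int root_ac, int root_sc,
                        uint64_t base, uint64_t size)
{
    if (root_ac < 1 || root_ac > 2 || root_sc < 1 || root_sc > 2)
        return -1;
    if (buflen < (size_t)(root_ac + root_sc) * 4)
        return -1;
    if (put_cells(buf, base, root_ac) ||
        put_cells(buf + root_ac * 4, size, root_sc))
        return -1;
    return (root_ac + root_sc) * 4;
}

/* The binding's rule: the node's cell counts must equal the root's. */
int reserved_node_matches_root(int node_ac, int node_sc, int root_ac, int root_sc)
{
    return node_ac == root_ac && node_sc == root_sc;
}

int main(void)
{
    uint8_t reg[16];
    /* Constructed sample: 2 MiB reserved at 0x80000000, root uses 2/2. */
    int len = encode_reserved_reg(reg, sizeof(reg), 2, 2, 0x80000000ULL, 0x200000ULL);

    printf("reg length %d, forced 2/1 accepted: %d\n", len,
           reserved_node_matches_root(2, 1, 2, 2));
    return 0;
}
```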
Adds bl2 with FIP to the build required for mbed Linux booting where
we do:
BootROM -> SPL -> BL2 -> OPTEE -> u-boot
If NEED_BL2 is specified then BL2 will be built and BL31 will have
its address range modified upwards to accommodate. BL31 must be
loaded from a FIP in this case.
If NEED_BL2 is not specified then the current BL31 boot flow is
unaffected and u-boot SPL will load and execute BL31 directly.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I655343b3b689b1fc57cfbedda4d3dc2fbd549a96
This patch enables Trusted Boot on the i.MX8MM with BL2 doing image
verification from a FIP prior to hand-over to BL31.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I3c22783a5c49544d0bace8ef3724784b9b7cc64a
Adds a number of definitions consistent with the established WaRP7
equivalents specifying number of io_handles and block devices.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: If1d7ef1ad3ac3dfc860f949392c7534ce8d206e3
Allows for exporting of FIP related methods cleanly in a private header.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I8523f1370312ed22ff7ca710cd916be52f725e3c
TZC400 is configured to raise an interrupt in case of faulty access.
Call the newly added tzc400_it_handler, in case this interrupt occurs.
Change-Id: Iaf4fa408a8eff99498042e11e2d6177bad39868c
Signed-off-by: Yann Gautier <yann.gautier@st.com>
On STM32MP15, only filters 0 and 1 are used.
Use TZC_400_REGION_ATTR_FILTER_BIT() macro for those 2 filters 0 and 1
instead of U(3).
Change-Id: Ibc61823842ade680f59d5b66b8db59b6a30080e4
Signed-off-by: Yann Gautier <yann.gautier@st.com>
A new function tzc400_it_handler() is created to manage TZC400
interrupts. The required helpers to read and clear interrupts are added
as well.
In case DEBUG is enabled, more information about the faulty access
(address, NSAID, type of access) is displayed.
Change-Id: Ie9ab1c199a8f12b2c9472d7120efbdf35711284a
Signed-off-by: Yann Gautier <yann.gautier@st.com>