From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrew F. Davis Date: Thu, 25 Aug 2016 16:45:30 -0500 Subject: [U-Boot] [PATCH v3 00/11] Allow secure boot on AM33xx devices Message-ID: <20160825214541.22896-1-afd@ti.com> List-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: u-boot@lists.denx.de Hello all, I've recently been tasked with enabling authenticated boot for AM33xx based devices. This work is similar to what has already been done for the AM43xx and AM57xx SoCs and leverages much of the infrastructure from them. The big difference here is the size of SRAM available on AM33xx being much less than on the other SoCs, when performing a secure boot this limits the maximum size of the SPL to just ~41k, the SPL currently generated for AM33xx SoCs is ~70k. I have added a defconfig for booting from mmc, but it is RFC for now as the generated SPL is still much too large to fit into SRAM on HS devices. If you would like to help out you can build this defconfig and it will report by how much we have overflowed SRAM, any help reducing this would be greatly appreciated. Thanks, Andrew Changes from v2: - Dropping the SPL_*_SUPPORT patches as Simon is already way ahead of me on this front[0]. - Minor re-organization of the patches, dropped a couple that I didn't feel were important enough to continue working right now. Changes from v1: - I've moved the cleanup patches to the end of the series and now consider them RFCs. I also do not move any Kconfig options over as this can be performed automatically but will need to be done by someone who understands the build system better than me. - Separate additional AM33xx SOC based boards out from the SoC definition in patch #1. [0] https://www.mail-archive.com/u-boot at lists.denx.de/msg222736.html Andrew F. Davis (11): spl: Kconfig: Add SPL__BOOT as Kconfig option Kconfig: Separate AM33XX SOC config from target board config am33xx: config.mk: Add support for additional secure boot image types doc: Update info on using AM33xx secure devices from TI am33xx: config.mk: Fix option used to enable SPI SPL image type board: am33xx-hs: Allow post-processing of FIT image on AM33xx ti: omap-common: Allow AM33xx devices to be built securely am335x: configs: Use ISW_ENTRY_ADDR to set SPL_TEXT_BASE config: Remove usage of CONFIG_STORAGE_EMMC ti_armv7_common: Disable Falcon Mode on HS devices defconfig: Add a config for AM335x High Security EVM with SD Boot support arch/arm/Kconfig | 98 +++------------------- arch/arm/cpu/armv7/am33xx/Kconfig | 86 +++++++++++++++++++ arch/arm/cpu/armv7/am33xx/config.mk | 29 ++++++- arch/arm/cpu/armv7/omap-common/Kconfig | 2 +- board/ti/am335x/board.c | 8 ++ common/Kconfig | 69 +++++++++++++++ configs/am335x_baltos_defconfig | 1 + configs/am335x_boneblack_defconfig | 1 + configs/am335x_boneblack_vboot_defconfig | 1 + configs/am335x_evm_defconfig | 1 + configs/am335x_evm_nor_defconfig | 1 + configs/am335x_evm_norboot_defconfig | 1 + configs/am335x_evm_spiboot_defconfig | 1 + configs/am335x_evm_usbspl_defconfig | 1 + ...x_evm_defconfig => am335x_hs_evm_mmc_defconfig} | 8 +- configs/am335x_igep0033_defconfig | 1 + configs/am335x_shc_defconfig | 1 + configs/am335x_shc_ict_defconfig | 1 + configs/am335x_shc_netboot_defconfig | 1 + configs/am335x_shc_prompt_defconfig | 1 + configs/am335x_shc_sdboot_defconfig | 1 + configs/am335x_shc_sdboot_prompt_defconfig | 1 + configs/am335x_sl50_defconfig | 1 + configs/birdland_bav335a_defconfig | 1 + configs/birdland_bav335b_defconfig | 1 + configs/cm_t335_defconfig | 1 + configs/pcm051_rev1_defconfig | 1 + configs/pcm051_rev3_defconfig | 1 + configs/pengwyn_defconfig | 1 + configs/pepper_defconfig | 1 + doc/README.ti-secure | 32 +++++++ include/configs/am335x_evm.h | 2 - include/configs/am335x_shc.h | 2 - include/configs/am335x_sl50.h | 2 - include/configs/bav335x.h | 2 - include/configs/ti_am335x_common.h | 3 +- include/configs/ti_armv7_common.h | 15 ++-- 37 files changed, 274 insertions(+), 107 deletions(-) copy configs/{am335x_evm_defconfig => am335x_hs_evm_mmc_defconfig} (86%) -- 2.9.3