From: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
To: <lukma@denx.de>, <maxims@google.com>, <sjg@chromium.org>,
<u-boot@lists.denx.de>
Cc: <ryan_chen@aspeedtech.com>, <joel@jms.id.au>
Subject: [PATCH v2 00/14] aspeed: Support secure boot chain with FIT image verification
Date: Fri, 16 Jul 2021 13:55:32 +0800 [thread overview]
Message-ID: <20210716055546.1619-1-chiawei_wang@aspeedtech.com> (raw)
This patch series intends to provide a secure boot chain from SPL to Linux kernel
based on the hash and signature verification of FIT image paradigm.
To improve the performance and save code size (SPL is limited to 64KB due to HW-RoT),
the drviers of two HW crypto engine HACE and ARCY are also added for AST26xx SoCs.
As HACE and ARCY can only access to DRAM space, additional configuration and
boot command are also updated according to move each FIT image before its booting.
In addition, the common code of FIT image hash algorithm lookup is also revised
to leverage the HW accelerated calculation.
v2:
- update commit authors
Chia-Wei Wang (9):
aspeed: ast2600: Enlarge SRAM size
clk: ast2600: Add RSACLK control for ARCY
crypto: aspeed: Add AST2600 ARCY support
ast2600: spl: Add ARCY probing
ARM: dts: ast2600: Add ARCY to device tree
ast2600: spl: Locate load buffer in DRAM space
configs: ast2600-evb: Enable SPL FIT support
configs: aspeed: Make EXTRA_ENV_SETTINGS board specific
configs: ast2600: Boot kernel FIT in DRAM
Joel Stanley (5):
clk: ast2600: Add YCLK control for HACE
crypto: aspeed: Add AST2600 HACE support
ast2600: spl: Add HACE probing
ARM: dts: ast2600: Add HACE to device tree
common: fit: Use hash.c to call CRC/SHA function
arch/arm/dts/ast2600-evb.dts | 10 +
arch/arm/dts/ast2600.dtsi | 17 ++
arch/arm/include/asm/arch-aspeed/platform.h | 2 +-
.../arm/include/asm/arch-aspeed/scu_ast2600.h | 6 +-
arch/arm/mach-aspeed/ast2600/spl.c | 29 +-
common/image-fit.c | 35 +--
configs/evb-ast2600_defconfig | 26 +-
drivers/clk/aspeed/clk_ast2600.c | 35 +++
drivers/crypto/Kconfig | 2 +
drivers/crypto/Makefile | 1 +
drivers/crypto/aspeed/Kconfig | 22 ++
drivers/crypto/aspeed/Makefile | 2 +
drivers/crypto/aspeed/aspeed_arcy.c | 182 +++++++++++
drivers/crypto/aspeed/aspeed_hace.c | 288 ++++++++++++++++++
include/configs/aspeed-common.h | 9 -
include/configs/evb_ast2500.h | 6 +
include/configs/evb_ast2600.h | 13 +
lib/rsa/Kconfig | 10 +-
18 files changed, 645 insertions(+), 50 deletions(-)
create mode 100644 drivers/crypto/aspeed/Kconfig
create mode 100644 drivers/crypto/aspeed/Makefile
create mode 100644 drivers/crypto/aspeed/aspeed_arcy.c
create mode 100644 drivers/crypto/aspeed/aspeed_hace.c
--
2.17.1
next reply other threads:[~2021-07-16 5:56 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-16 5:55 Chia-Wei Wang [this message]
2021-07-16 5:55 ` [PATCH v2 01/14] aspeed: ast2600: Enlarge SRAM size Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 02/14] clk: ast2600: Add YCLK control for HACE Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 03/14] crypto: aspeed: Add AST2600 HACE support Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 04/14] ast2600: spl: Add HACE probing Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 05/14] ARM: dts: ast2600: Add HACE to device tree Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 06/14] common: fit: Use hash.c to call CRC/SHA function Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 07/14] clk: ast2600: Add RSACLK control for ARCY Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 08/14] crypto: aspeed: Add AST2600 ARCY support Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 09/14] ast2600: spl: Add ARCY probing Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 10/14] ARM: dts: ast2600: Add ARCY to device tree Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 11/14] ast2600: spl: Locate load buffer in DRAM space Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 12/14] configs: ast2600-evb: Enable SPL FIT support Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 13/14] configs: aspeed: Make EXTRA_ENV_SETTINGS board specific Chia-Wei Wang
2021-07-16 5:55 ` [PATCH v2 14/14] configs: ast2600: Boot kernel FIT in DRAM Chia-Wei Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210716055546.1619-1-chiawei_wang@aspeedtech.com \
--to=chiawei_wang@aspeedtech.com \
--cc=joel@jms.id.au \
--cc=lukma@denx.de \
--cc=maxims@google.com \
--cc=ryan_chen@aspeedtech.com \
--cc=sjg@chromium.org \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.