[PATCH next v5 00/12] aspeed: Support secure boot chain with FIT image verification

[PATCH next v5 00/12] aspeed: Support secure boot chain with FIT image verification

[Chia-Wei Wang]

This patch series intends to provide a secure boot chain from SPL to Linux kernel
based on the hash and signature verification of FIT image paradigm.

To improve the performance and save code size (SPL is limited to 64KB due to HW-RoT),
the drviers of two HW crypto engine HACE and ACRY are also added for AST26xx SoCs.

As HACE and ACRY can only access to DRAM space, additional configuration and
boot command are also updated according to move each FIT image before its booting.

In addition, the common code of FIT image hash algorithm lookup is also revised
to leverage the HW accelerated calculation.

v5:
 - fix inconsistent parameter name due to parallel patch work

v4:
 - add new DM_HASH based driver for Aspeed HACE
 - remove SPL board init, which was originally used to probe non-DM HACE driver
 - fix typo of ARCY to ACRY
 - refactor defconfig based on the new Kconfig of U-Boot next branch

v3:
 - add SW work around for HACE HW DMA issue by resetting HACE
 - add reset control for HACE device tree node
 - sync all of the HACE error message to use debug()

v2:
 - update commit authors

Chia-Wei Wang (9):
  image: fit: Fix parameter name for hash algorithm
  aspeed: ast2600: Enlarge SRAM size
  clk: ast2600: Add RSACLK control for ACRY
  crypto: aspeed: Add AST2600 ACRY support
  ARM: dts: ast2600: Add ACRY to device tree
  ast2600: spl: Locate load buffer in DRAM space
  configs: ast2600-evb: Enable SPL FIT support
  configs: aspeed: Make EXTRA_ENV_SETTINGS board specific
  configs: ast2600: Boot kernel FIT in DRAM

Joel Stanley (2):
  clk: ast2600: Add YCLK control for HACE
  ARM: dts: ast2600: Add HACE to device tree

Johnny Huang (1):
  crypto: aspeed: Add AST2600 HACE support

 arch/arm/dts/ast2600-evb.dts                  |  10 +
 arch/arm/dts/ast2600.dtsi                     |  17 +
 arch/arm/include/asm/arch-aspeed/platform.h   |   2 +-
 .../arm/include/asm/arch-aspeed/scu_ast2600.h |   6 +-
 arch/arm/mach-aspeed/ast2600/spl.c            |   9 +-
 common/image-fit.c                            |   2 +-
 configs/evb-ast2600_defconfig                 |  22 +-
 drivers/clk/aspeed/clk_ast2600.c              |  38 ++
 drivers/crypto/Kconfig                        |   2 +
 drivers/crypto/Makefile                       |   1 +
 drivers/crypto/aspeed/Kconfig                 |  20 +
 drivers/crypto/aspeed/Makefile                |   2 +
 drivers/crypto/aspeed/aspeed_acry.c           | 182 +++++++++
 drivers/crypto/aspeed/aspeed_hace.c           | 381 ++++++++++++++++++
 drivers/crypto/hash/Kconfig                   |   8 +
 include/configs/aspeed-common.h               |   9 -
 include/configs/evb_ast2500.h                 |   9 +
 include/configs/evb_ast2600.h                 |  16 +
 lib/rsa/Kconfig                               |  10 +-
 19 files changed, 720 insertions(+), 26 deletions(-)
 create mode 100644 drivers/crypto/aspeed/Kconfig
 create mode 100644 drivers/crypto/aspeed/Makefile
 create mode 100644 drivers/crypto/aspeed/aspeed_acry.c
 create mode 100644 drivers/crypto/aspeed/aspeed_hace.c

-- 
2.17.1

[PATCH next v5 01/12] image: fit: Fix parameter name for hash algorithm

[Chia-Wei Wang]

Fix inconsistent function parameter name of the hash algorithm.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Fixes: 92055e138f2 ("image: Drop if/elseif hash selection in calculate_hash()")
---
 common/image-fit.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/image-fit.c b/common/image-fit.c
index 5a0a0cc200..9e8a1f36c1 100644
--- a/common/image-fit.c
+++ b/common/image-fit.c
@@ -1229,7 +1229,7 @@ int calculate_hash(const void *data, int data_len, const char *name,
 		return -1;
 	}
 
-	hash_algo = hash_algo_lookup_by_name(algo);
+	hash_algo = hash_algo_lookup_by_name(name);
 	if (hash_algo == HASH_ALGO_INVALID) {
 		debug("Unsupported hash algorithm\n");
 		return -1;
-- 
2.17.1

[PATCH next v5 02/12] aspeed: ast2600: Enlarge SRAM size

[Chia-Wei Wang]

The AST2600 SRAM has been extended to 88KB since A1
chip revision. This patch updates the SRAM size to
offer more space for early stack/heap use.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 arch/arm/include/asm/arch-aspeed/platform.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm/include/asm/arch-aspeed/platform.h b/arch/arm/include/asm/arch-aspeed/platform.h
index d50ec5f8a9..589abd4a3f 100644
--- a/arch/arm/include/asm/arch-aspeed/platform.h
+++ b/arch/arm/include/asm/arch-aspeed/platform.h
@@ -17,7 +17,7 @@
 #define ASPEED_MAC_COUNT	4
 #define ASPEED_DRAM_BASE	0x80000000
 #define ASPEED_SRAM_BASE	0x10000000
-#define ASPEED_SRAM_SIZE	0x10000
+#define ASPEED_SRAM_SIZE	0x16000
 #else
 #err "Unrecognized Aspeed platform."
 #endif
-- 
2.17.1

[PATCH next v5 03/12] clk: ast2600: Add YCLK control for HACE

[Chia-Wei Wang]

From: Joel Stanley <joel@jms.id.au>

Add YCLK enable for HACE, the HW hash engine of
ASPEED AST2600 SoCs.

Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 .../arm/include/asm/arch-aspeed/scu_ast2600.h |  5 +++--
 drivers/clk/aspeed/clk_ast2600.c              | 20 +++++++++++++++++++
 2 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/arch/arm/include/asm/arch-aspeed/scu_ast2600.h b/arch/arm/include/asm/arch-aspeed/scu_ast2600.h
index a205fb1f76..d7b500f656 100644
--- a/arch/arm/include/asm/arch-aspeed/scu_ast2600.h
+++ b/arch/arm/include/asm/arch-aspeed/scu_ast2600.h
@@ -10,8 +10,9 @@
 #define SCU_CLKGATE1_EMMC			BIT(27)
 #define SCU_CLKGATE1_MAC2			BIT(21)
 #define SCU_CLKGATE1_MAC1			BIT(20)
-#define SCU_CLKGATE1_USB_HUB		BIT(14)
-#define SCU_CLKGATE1_USB_HOST2		BIT(7)
+#define SCU_CLKGATE1_USB_HUB			BIT(14)
+#define SCU_CLKGATE1_HACE			BIT(13)
+#define SCU_CLKGATE1_USB_HOST2			BIT(7)
 
 #define SCU_CLKGATE2_FSI			BIT(30)
 #define SCU_CLKGATE2_MAC4			BIT(21)
diff --git a/drivers/clk/aspeed/clk_ast2600.c b/drivers/clk/aspeed/clk_ast2600.c
index 3a92739f5c..69128fd3c4 100644
--- a/drivers/clk/aspeed/clk_ast2600.c
+++ b/drivers/clk/aspeed/clk_ast2600.c
@@ -1013,6 +1013,23 @@ static ulong ast2600_enable_usbbhclk(struct ast2600_scu *scu)
 	return 0;
 }
 
+static ulong ast2600_enable_haceclk(struct ast2600_scu *scu)
+{
+	uint32_t reset_bit;
+	uint32_t clkgate_bit;
+
+	reset_bit = BIT(ASPEED_RESET_HACE);
+	clkgate_bit = SCU_CLKGATE1_HACE;
+
+	writel(reset_bit, &scu->modrst_ctrl1);
+	udelay(100);
+	writel(clkgate_bit, &scu->clkgate_clr1);
+	mdelay(20);
+	writel(reset_bit, &scu->modrst_clr1);
+
+	return 0;
+}
+
 static int ast2600_clk_enable(struct clk *clk)
 {
 	struct ast2600_clk_priv *priv = dev_get_priv(clk->dev);
@@ -1051,6 +1068,9 @@ static int ast2600_clk_enable(struct clk *clk)
 	case ASPEED_CLK_GATE_USBPORT2CLK:
 		ast2600_enable_usbbhclk(priv->scu);
 		break;
+	case ASPEED_CLK_GATE_YCLK:
+		ast2600_enable_haceclk(priv->scu);
+		break;
 	default:
 		pr_err("can't enable clk\n");
 		return -ENOENT;
-- 
2.17.1

[PATCH next v5 04/12] crypto: aspeed: Add AST2600 HACE support

[Chia-Wei Wang]

From: Johnny Huang <johnny_huang@aspeedtech.com>

Hash and Crypto Engine (HACE) is designed to accelerate the
throughput of hash data digest, and symmetric-key encryption.

Signed-off-by: Johnny Huang <johnny_huang@aspeedtech.com>
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 drivers/crypto/Kconfig              |   2 +
 drivers/crypto/Makefile             |   1 +
 drivers/crypto/aspeed/Kconfig       |  10 +
 drivers/crypto/aspeed/Makefile      |   1 +
 drivers/crypto/aspeed/aspeed_hace.c | 381 ++++++++++++++++++++++++++++
 drivers/crypto/hash/Kconfig         |   8 +
 6 files changed, 403 insertions(+)
 create mode 100644 drivers/crypto/aspeed/Kconfig
 create mode 100644 drivers/crypto/aspeed/Makefile
 create mode 100644 drivers/crypto/aspeed/aspeed_hace.c

diff --git a/drivers/crypto/Kconfig b/drivers/crypto/Kconfig
index 0082177c21..675081ecd3 100644
--- a/drivers/crypto/Kconfig
+++ b/drivers/crypto/Kconfig
@@ -4,4 +4,6 @@ source drivers/crypto/hash/Kconfig
 
 source drivers/crypto/fsl/Kconfig
 
+source drivers/crypto/aspeed/Kconfig
+
 endmenu
diff --git a/drivers/crypto/Makefile b/drivers/crypto/Makefile
index e8bae43e3f..6b762565a1 100644
--- a/drivers/crypto/Makefile
+++ b/drivers/crypto/Makefile
@@ -7,3 +7,4 @@ obj-$(CONFIG_EXYNOS_ACE_SHA)	+= ace_sha.o
 obj-y += rsa_mod_exp/
 obj-y += fsl/
 obj-y += hash/
+obj-y += aspeed/
diff --git a/drivers/crypto/aspeed/Kconfig b/drivers/crypto/aspeed/Kconfig
new file mode 100644
index 0000000000..471c06f986
--- /dev/null
+++ b/drivers/crypto/aspeed/Kconfig
@@ -0,0 +1,10 @@
+config ASPEED_HACE
+	bool "ASPEED Hash and Crypto Engine"
+	depends on DM_HASH
+	help
+	  Select this option to enable a driver for using the SHA engine in
+	  the ASPEED BMC SoCs.
+
+	  Enabling this allows the use of SHA operations in hardware without
+	  requiring the SHA software implementations. It also improves performance
+	  and saves code size.
diff --git a/drivers/crypto/aspeed/Makefile b/drivers/crypto/aspeed/Makefile
new file mode 100644
index 0000000000..84e6bfe82a
--- /dev/null
+++ b/drivers/crypto/aspeed/Makefile
@@ -0,0 +1 @@
+obj-$(CONFIG_ASPEED_HACE) += aspeed_hace.o
diff --git a/drivers/crypto/aspeed/aspeed_hace.c b/drivers/crypto/aspeed/aspeed_hace.c
new file mode 100644
index 0000000000..1178cc6a76
--- /dev/null
+++ b/drivers/crypto/aspeed/aspeed_hace.c
@@ -0,0 +1,381 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright 2021 ASPEED Technology Inc.
+ */
+#include <config.h>
+#include <common.h>
+#include <dm.h>
+#include <clk.h>
+#include <log.h>
+#include <asm/io.h>
+#include <malloc.h>
+#include <watchdog.h>
+#include <u-boot/hash.h>
+#include <linux/bitops.h>
+#include <linux/delay.h>
+#include <linux/kernel.h>
+#include <linux/iopoll.h>
+
+/* register offsets*/
+#define HACE_STS		0x1C
+#define   HACE_HASH_DATA_OVF		BIT(23)
+#define   HACE_HASH_INT			BIT(9)
+#define   HACE_HASH_BUSY		BIT(0)
+#define HACE_HASH_DATA		0x20
+#define HACE_HASH_DIGEST	0x24
+#define HACE_HASH_HMAC_KEY	0x28
+#define HACE_HASH_DATA_LEN	0x2C
+#define HACE_HASH_CMD		0x30
+#define   HACE_HASH_MODE_ACCUM		BIT(8)
+#define   HACE_HASH_ALGO_SHA1		BIT(5)
+#define   HACE_HASH_ALGO_SHA256		(BIT(6) | BIT(4))
+#define   HACE_HASH_ALGO_SHA384		(BIT(10) | BIT(6) | BIT(5))
+#define   HACE_HASH_ALGO_SHA512		(BIT(6) | BIT(5))
+#define   HACE_HASH_SHA_BE_EN		BIT(3)
+
+/* buffer size based on SHA-512 need*/
+#define HASH_BLOCK_BUFSZ	128
+#define HASH_DIGEST_BUFSZ	64
+
+struct aspeed_hace_ctx {
+	uint8_t digest[HASH_DIGEST_BUFSZ];
+
+	uint32_t cmd;
+	enum HASH_ALGO algo;
+
+	uint32_t blk_size;
+	uint32_t pad_size;
+	uint64_t total[2];
+
+	uint8_t buf[HASH_BLOCK_BUFSZ];
+	uint32_t buf_cnt;
+} __aligned((8));
+
+struct aspeed_hace {
+	phys_addr_t base;
+	struct clk clk;
+};
+
+static const uint32_t iv_sha1[8] = {
+	0x01234567, 0x89abcdef, 0xfedcba98, 0x76543210,
+	0xf0e1d2c3, 0, 0, 0
+};
+
+static const uint32_t iv_sha256[8] = {
+	0x67e6096a, 0x85ae67bb, 0x72f36e3c, 0x3af54fa5,
+	0x7f520e51, 0x8c68059b, 0xabd9831f, 0x19cde05bUL
+};
+
+static const uint32_t iv_sha384[16] = {
+	0x5d9dbbcb, 0xd89e05c1, 0x2a299a62, 0x07d57c36,
+	0x5a015991, 0x17dd7030, 0xd8ec2f15, 0x39590ef7,
+	0x67263367, 0x310bc0ff, 0x874ab48e, 0x11155868,
+	0x0d2e0cdb, 0xa78ff964, 0x1d48b547, 0xa44ffabeUL
+};
+
+static const uint32_t iv_sha512[16] = {
+	0x67e6096a, 0x08c9bcf3, 0x85ae67bb, 0x3ba7ca84,
+	0x72f36e3c, 0x2bf894fe, 0x3af54fa5, 0xf1361d5f,
+	0x7f520e51, 0xd182e6ad, 0x8c68059b, 0x1f6c3e2b,
+	0xabd9831f, 0x6bbd41fb, 0x19cde05b, 0x79217e13UL
+};
+
+static int aspeed_hace_wait_completion(uint32_t reg, uint32_t flag, int timeout_us)
+{
+	uint32_t val;
+
+	return readl_poll_timeout(reg, val, (val & flag) == flag, timeout_us);
+}
+
+static int aspeed_hace_process(struct udevice *dev, void *ctx, const void *ibuf, uint32_t ilen)
+{
+	struct aspeed_hace *hace = dev_get_priv(dev);
+	struct aspeed_hace_ctx *hace_ctx = (struct aspeed_hace_ctx *)ctx;
+	uint32_t sts = readl(hace->base + HACE_STS);
+
+	if (sts & HACE_HASH_BUSY) {
+		debug("HACE engine busy\n");
+		return -EBUSY;
+	}
+
+	writel(HACE_HASH_INT, hace->base + HACE_STS);
+
+	writel((uint32_t)ibuf, hace->base + HACE_HASH_DATA);
+	writel((uint32_t)hace_ctx->digest, hace->base + HACE_HASH_DIGEST);
+	writel((uint32_t)hace_ctx->digest, hace->base + HACE_HASH_HMAC_KEY);
+	writel(ilen, hace->base + HACE_HASH_DATA_LEN);
+	writel(hace_ctx->cmd, hace->base + HACE_HASH_CMD);
+
+	return aspeed_hace_wait_completion(hace->base + HACE_STS,
+					   HACE_HASH_INT,
+					   1000 + (ilen >> 3));
+}
+
+static int aspeed_hace_init(struct udevice *dev, enum HASH_ALGO algo, void **ctxp)
+{
+	struct aspeed_hace_ctx *hace_ctx;
+
+	hace_ctx = memalign(8, sizeof(struct aspeed_hace_ctx));
+	if (!hace_ctx)
+		return -ENOMEM;
+
+	memset(hace_ctx, 0, sizeof(struct aspeed_hace_ctx));
+
+	hace_ctx->algo = algo;
+	hace_ctx->cmd = HACE_HASH_MODE_ACCUM | HACE_HASH_SHA_BE_EN;
+
+	switch (algo) {
+	case HASH_ALGO_SHA1:
+		hace_ctx->blk_size = 64;
+		hace_ctx->pad_size = 8;
+		hace_ctx->cmd |= HACE_HASH_ALGO_SHA1;
+		memcpy(hace_ctx->digest, iv_sha1, sizeof(iv_sha1));
+		break;
+	case HASH_ALGO_SHA256:
+		hace_ctx->blk_size = 64;
+		hace_ctx->pad_size = 8;
+		hace_ctx->cmd |= HACE_HASH_ALGO_SHA256;
+		memcpy(hace_ctx->digest, iv_sha256, sizeof(iv_sha256));
+		break;
+	case HASH_ALGO_SHA384:
+		hace_ctx->blk_size = 128;
+		hace_ctx->pad_size = 16;
+		hace_ctx->cmd |= HACE_HASH_ALGO_SHA384;
+		memcpy(hace_ctx->digest, iv_sha384, sizeof(iv_sha384));
+		break;
+	case HASH_ALGO_SHA512:
+		hace_ctx->blk_size = 128;
+		hace_ctx->pad_size = 16;
+		hace_ctx->cmd |= HACE_HASH_ALGO_SHA512;
+		memcpy(hace_ctx->digest, iv_sha512, sizeof(iv_sha512));
+		break;
+	default:
+		debug("Unsupported hash algorithm '%s'\n", hash_algo_name(algo));
+		goto free_n_out;
+	};
+
+	*ctxp = hace_ctx;
+
+	return 0;
+
+free_n_out:
+	free(hace_ctx);
+
+	return -EINVAL;
+}
+
+static int aspeed_hace_update(struct udevice *dev, void *ctx, const void *ibuf, uint32_t ilen)
+{
+	int rc;
+	uint32_t left, fill;
+	struct aspeed_hace_ctx *hace_ctx = ctx;
+
+	left = hace_ctx->total[0] & (hace_ctx->blk_size - 1);
+	fill = hace_ctx->blk_size - left;
+
+	hace_ctx->total[0] += ilen;
+	if (hace_ctx->total[0] < ilen)
+		hace_ctx->total[1]++;
+
+	if (left && ilen >= fill) {
+		memcpy(hace_ctx->buf + left, ibuf, fill);
+		rc = aspeed_hace_process(dev, ctx, hace_ctx->buf, hace_ctx->blk_size);
+		if (rc) {
+			debug("failed to process hash, rc=%d\n", rc);
+			return rc;
+		}
+		ilen -= fill;
+		ibuf += fill;
+		left = 0;
+	}
+
+	while (ilen >= hace_ctx->blk_size) {
+		rc = aspeed_hace_process(dev, ctx, ibuf, hace_ctx->blk_size);
+		if (rc) {
+			debug("failed to process hash, rc=%d\n", rc);
+			return rc;
+		}
+
+		ibuf += hace_ctx->blk_size;
+		ilen -= hace_ctx->blk_size;
+	}
+
+	if (ilen)
+		memcpy(hace_ctx->buf + left, ibuf, ilen);
+
+	return 0;
+}
+
+static int aspeed_hace_finish(struct udevice *dev, void *ctx, void *obuf)
+{
+	int rc = 0;
+	uint8_t pad[HASH_BLOCK_BUFSZ * 2];
+	uint32_t last, padn;
+	uint64_t ibits_h, ibits_l;
+	uint64_t ibits_be_h, ibits_be_l;
+	struct aspeed_hace_ctx *hace_ctx = ctx;
+
+	memset(pad, 0, sizeof(pad));
+	pad[0] = 0x80;
+
+	ibits_h = (hace_ctx->total[0] >> 61) | (hace_ctx->total[1] << 3);
+	ibits_be_h = cpu_to_be64(ibits_h);
+
+	ibits_l = (hace_ctx->total[0] << 3);
+	ibits_be_l = cpu_to_be64(ibits_l);
+
+	last = hace_ctx->total[0] & (hace_ctx->blk_size - 1);
+
+	switch (hace_ctx->algo) {
+	case HASH_ALGO_SHA1:
+	case HASH_ALGO_SHA256:
+		padn = (last < 56) ? (56 - last) : (120 - last);
+
+		rc = aspeed_hace_update(dev, ctx, pad, padn);
+		if (rc) {
+			debug("failed to append padding, rc=%d\n", rc);
+			goto free_n_out;
+		}
+
+		rc = aspeed_hace_update(dev, ctx, &ibits_be_l, sizeof(ibits_be_l));
+		if (rc) {
+			debug("failed to append message bits length, rc=%d\n", rc);
+			goto free_n_out;
+		}
+
+		break;
+	case HASH_ALGO_SHA384:
+	case HASH_ALGO_SHA512:
+		padn = (last < 112) ? (112 - last) : (240 - last);
+
+		rc = aspeed_hace_update(dev, ctx, pad, padn);
+		if (rc) {
+			debug("failed to append padding, rc=%d\n", rc);
+			goto free_n_out;
+		}
+
+		rc = aspeed_hace_update(dev, ctx, &ibits_be_h, sizeof(ibits_be_h)) |
+		     aspeed_hace_update(dev, ctx, &ibits_be_l, sizeof(ibits_be_l));
+		if (rc) {
+			debug("failed to append message bits length, rc=%d\n", rc);
+			goto free_n_out;
+		}
+
+		break;
+	default:
+		rc = -EINVAL;
+		break;
+	}
+
+	memcpy(obuf, hace_ctx->digest, hash_algo_digest_size(hace_ctx->algo));
+
+free_n_out:
+	free(ctx);
+
+	return rc;
+}
+
+static int aspeed_hace_digest_wd(struct udevice *dev, enum HASH_ALGO algo,
+			      const void *ibuf, const uint32_t ilen,
+			      void *obuf, uint32_t chunk_sz)
+{
+	int rc;
+	void *ctx;
+	const void *cur, *end;
+	uint32_t chunk;
+
+	rc = aspeed_hace_init(dev, algo, &ctx);
+	if (rc)
+		return rc;
+
+	if (CONFIG_IS_ENABLED(HW_WATCHDOG) || CONFIG_IS_ENABLED(WATCHDOG)) {
+		cur = ibuf;
+		end = ibuf + ilen;
+
+		while (cur < end) {
+			chunk = end - cur;
+			if (chunk > chunk_sz)
+				chunk = chunk_sz;
+
+			rc = aspeed_hace_update(dev, ctx, cur, chunk);
+			if (rc)
+				return rc;
+
+			cur += chunk;
+			WATCHDOG_RESET();
+		}
+	} else {
+		rc = aspeed_hace_update(dev, ctx, ibuf, ilen);
+		if (rc)
+			return rc;
+	}
+
+	rc = aspeed_hace_finish(dev, ctx, obuf);
+	if (rc)
+		return rc;
+
+	return 0;
+}
+
+static int aspeed_hace_digest(struct udevice *dev, enum HASH_ALGO algo,
+			      const void *ibuf, const uint32_t ilen,
+			      void *obuf)
+{
+	/* re-use the watchdog version with input length as the chunk_sz */
+	return aspeed_hace_digest_wd(dev, algo, ibuf, ilen, obuf, ilen);
+}
+
+static int aspeed_hace_probe(struct udevice *dev)
+{
+	int rc;
+	struct aspeed_hace *hace = dev_get_priv(dev);
+
+	rc = clk_get_by_index(dev, 0, &hace->clk);
+	if (rc < 0) {
+		debug("cannot get clock for %s: %d\n", dev->name, rc);
+		return rc;
+	}
+
+	rc = clk_enable(&hace->clk);
+	if (rc) {
+		debug("cannot enable clock for %s: %d\n", dev->name, rc);
+		return rc;
+	}
+
+	hace->base = devfdt_get_addr(dev);
+
+	return rc;
+}
+
+static int aspeed_hace_remove(struct udevice *dev)
+{
+	struct aspeed_hace *hace = dev_get_priv(dev);
+
+	clk_disable(&hace->clk);
+
+	return 0;
+}
+
+static const struct hash_ops aspeed_hace_ops = {
+	.hash_init = aspeed_hace_init,
+	.hash_update = aspeed_hace_update,
+	.hash_finish = aspeed_hace_finish,
+	.hash_digest_wd = aspeed_hace_digest_wd,
+	.hash_digest = aspeed_hace_digest,
+};
+
+static const struct udevice_id aspeed_hace_ids[] = {
+	{ .compatible = "aspeed,ast2600-hace" },
+	{ }
+};
+
+U_BOOT_DRIVER(aspeed_hace) = {
+	.name = "aspeed_hace",
+	.id = UCLASS_HASH,
+	.of_match = aspeed_hace_ids,
+	.ops = &aspeed_hace_ops,
+	.probe = aspeed_hace_probe,
+	.remove	= aspeed_hace_remove,
+	.priv_auto = sizeof(struct aspeed_hace),
+	.flags = DM_FLAG_PRE_RELOC,
+};
diff --git a/drivers/crypto/hash/Kconfig b/drivers/crypto/hash/Kconfig
index cd29a5c6a4..bf9540eca6 100644
--- a/drivers/crypto/hash/Kconfig
+++ b/drivers/crypto/hash/Kconfig
@@ -14,3 +14,11 @@ config HASH_SOFTWARE
 	help
 	  Enable driver for hashing operations in software. Currently
 	  it support multiple hash algorithm including CRC/MD5/SHA.
+
+config HASH_ASPEED
+	bool "Enable Hash with ASPEED hash accelerator"
+	depends on DM_HASH
+	select ASPEED_HACE
+	help
+	  Enable this to support HW-assisted hashing operations using ASPEED Hash
+	  and Crypto engine - HACE
-- 
2.17.1

[PATCH next v5 05/12] ARM: dts: ast2600: Add HACE to device tree

[Chia-Wei Wang]

From: Joel Stanley <joel@jms.id.au>

Add HACE DTS node and enable it for AST2600 EVB.

Signed-off-by: Joel Stanley <joel@jms.id.au>
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 arch/arm/dts/ast2600-evb.dts | 5 +++++
 arch/arm/dts/ast2600.dtsi    | 8 ++++++++
 2 files changed, 13 insertions(+)

diff --git a/arch/arm/dts/ast2600-evb.dts b/arch/arm/dts/ast2600-evb.dts
index 2abd31341c..adb80a30ef 100644
--- a/arch/arm/dts/ast2600-evb.dts
+++ b/arch/arm/dts/ast2600-evb.dts
@@ -177,3 +177,8 @@
 			  0x08 0x04
 			  0x08 0x04>;
 };
+
+&hace {
+	u-boot,dm-pre-reloc;
+	status = "okay";
+};
diff --git a/arch/arm/dts/ast2600.dtsi b/arch/arm/dts/ast2600.dtsi
index f121f547e6..b8fe966c7d 100644
--- a/arch/arm/dts/ast2600.dtsi
+++ b/arch/arm/dts/ast2600.dtsi
@@ -187,6 +187,14 @@
 			};
 		};
 
+		hace: hace@1e6d0000 {
+			compatible = "aspeed,ast2600-hace";
+			reg = <0x1e6d0000 0x200>;
+			interrupts = <GIC_SPI 4 IRQ_TYPE_LEVEL_HIGH>;
+			clocks = <&scu ASPEED_CLK_GATE_YCLK>;
+			status = "disabled";
+		};
+
 		edac: sdram@1e6e0000 {
 			compatible = "aspeed,ast2600-sdram-edac";
 			reg = <0x1e6e0000 0x174>;
-- 
2.17.1

[PATCH next v5 06/12] clk: ast2600: Add RSACLK control for ACRY

[Chia-Wei Wang]

Add RSACLK enable for ACRY, the HW RSA/ECC crypto engine
of ASPEED AST2600 SoCs.

As ACRY and HACE share the same reset control bit, we do not
perform the reset-hold-n-release operation during their clock
ungating process. Instead, only reset release is conducted to
prevent mutual interference.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 .../arm/include/asm/arch-aspeed/scu_ast2600.h |  1 +
 drivers/clk/aspeed/clk_ast2600.c              | 22 +++++++++++++++++--
 2 files changed, 21 insertions(+), 2 deletions(-)

diff --git a/arch/arm/include/asm/arch-aspeed/scu_ast2600.h b/arch/arm/include/asm/arch-aspeed/scu_ast2600.h
index d7b500f656..7c5aab98b6 100644
--- a/arch/arm/include/asm/arch-aspeed/scu_ast2600.h
+++ b/arch/arm/include/asm/arch-aspeed/scu_ast2600.h
@@ -8,6 +8,7 @@
 #define SCU_UNLOCK_KEY			0x1688a8a8
 
 #define SCU_CLKGATE1_EMMC			BIT(27)
+#define SCU_CLKGATE1_ACRY			BIT(24)
 #define SCU_CLKGATE1_MAC2			BIT(21)
 #define SCU_CLKGATE1_MAC1			BIT(20)
 #define SCU_CLKGATE1_USB_HUB			BIT(14)
diff --git a/drivers/clk/aspeed/clk_ast2600.c b/drivers/clk/aspeed/clk_ast2600.c
index 69128fd3c4..f6ebf824aa 100644
--- a/drivers/clk/aspeed/clk_ast2600.c
+++ b/drivers/clk/aspeed/clk_ast2600.c
@@ -1018,11 +1018,26 @@ static ulong ast2600_enable_haceclk(struct ast2600_scu *scu)
 	uint32_t reset_bit;
 	uint32_t clkgate_bit;
 
+	/* share the same reset control bit with ACRY */
 	reset_bit = BIT(ASPEED_RESET_HACE);
 	clkgate_bit = SCU_CLKGATE1_HACE;
 
-	writel(reset_bit, &scu->modrst_ctrl1);
-	udelay(100);
+	writel(clkgate_bit, &scu->clkgate_clr1);
+	mdelay(20);
+	writel(reset_bit, &scu->modrst_clr1);
+
+	return 0;
+}
+
+static ulong ast2600_enable_rsaclk(struct ast2600_scu *scu)
+{
+	uint32_t reset_bit;
+	uint32_t clkgate_bit;
+
+	/* share the same reset control bit with HACE */
+	reset_bit = BIT(ASPEED_RESET_HACE);
+	clkgate_bit = SCU_CLKGATE1_ACRY;
+
 	writel(clkgate_bit, &scu->clkgate_clr1);
 	mdelay(20);
 	writel(reset_bit, &scu->modrst_clr1);
@@ -1071,6 +1086,9 @@ static int ast2600_clk_enable(struct clk *clk)
 	case ASPEED_CLK_GATE_YCLK:
 		ast2600_enable_haceclk(priv->scu);
 		break;
+	case ASPEED_CLK_GATE_RSACLK:
+		ast2600_enable_rsaclk(priv->scu);
+		break;
 	default:
 		pr_err("can't enable clk\n");
 		return -ENOENT;
-- 
2.17.1

[PATCH next v5 07/12] crypto: aspeed: Add AST2600 ACRY support

[Chia-Wei Wang]

ACRY is deisnged to accerlerate ECC/RSA digital signature
generation and verification.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 drivers/crypto/aspeed/Kconfig       |  10 ++
 drivers/crypto/aspeed/Makefile      |   1 +
 drivers/crypto/aspeed/aspeed_acry.c | 182 ++++++++++++++++++++++++++++
 lib/rsa/Kconfig                     |  10 +-
 4 files changed, 202 insertions(+), 1 deletion(-)
 create mode 100644 drivers/crypto/aspeed/aspeed_acry.c

diff --git a/drivers/crypto/aspeed/Kconfig b/drivers/crypto/aspeed/Kconfig
index 471c06f986..9bf317177a 100644
--- a/drivers/crypto/aspeed/Kconfig
+++ b/drivers/crypto/aspeed/Kconfig
@@ -8,3 +8,13 @@ config ASPEED_HACE
 	  Enabling this allows the use of SHA operations in hardware without
 	  requiring the SHA software implementations. It also improves performance
 	  and saves code size.
+
+config ASPEED_ACRY
+	bool "ASPEED RSA and ECC Engine"
+	depends on ASPEED_AST2600
+	help
+	 Select this option to enable a driver for using the RSA/ECC engine in
+	 the ASPEED BMC SoCs.
+
+	 Enabling this allows the use of RSA/ECC operations in hardware without requiring the
+	 software implementations. It also improves performance and saves code size.
diff --git a/drivers/crypto/aspeed/Makefile b/drivers/crypto/aspeed/Makefile
index 84e6bfe82a..58b55fc46e 100644
--- a/drivers/crypto/aspeed/Makefile
+++ b/drivers/crypto/aspeed/Makefile
@@ -1 +1,2 @@
 obj-$(CONFIG_ASPEED_HACE) += aspeed_hace.o
+obj-$(CONFIG_ASPEED_ACRY) += aspeed_acry.o
diff --git a/drivers/crypto/aspeed/aspeed_acry.c b/drivers/crypto/aspeed/aspeed_acry.c
new file mode 100644
index 0000000000..0b948f828a
--- /dev/null
+++ b/drivers/crypto/aspeed/aspeed_acry.c
@@ -0,0 +1,182 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright 2021 ASPEED Technology Inc.
+ */
+#include <config.h>
+#include <common.h>
+#include <clk.h>
+#include <dm.h>
+#include <asm/types.h>
+#include <asm/io.h>
+#include <dm/device.h>
+#include <dm/fdtaddr.h>
+#include <linux/delay.h>
+#include <u-boot/rsa-mod-exp.h>
+
+/* ACRY register offsets */
+#define ACRY_CTRL1		0x00
+#define   ACRY_CTRL1_RSA_DMA		BIT(1)
+#define   ACRY_CTRL1_RSA_START		BIT(0)
+#define ACRY_CTRL2		0x44
+#define ACRY_CTRL3		0x48
+#define   ACRY_CTRL3_SRAM_AHB_ACCESS	BIT(8)
+#define   ACRY_CTRL3_ECC_RSA_MODE_MASK	GENMASK(5, 4)
+#define   ACRY_CTRL3_ECC_RSA_MODE_SHIFT	4
+#define ACRY_DMA_DRAM_SADDR	0x4c
+#define ACRY_DMA_DMEM_TADDR	0x50
+#define   ACRY_DMA_DMEM_TADDR_LEN_MASK	GENMASK(15, 0)
+#define   ACRY_DMA_DMEM_TADDR_LEN_SHIFT	0
+#define ACRY_RSA_PARAM		0x58
+#define   ACRY_RSA_PARAM_EXP_MASK	GENMASK(31, 16)
+#define   ACRY_RSA_PARAM_EXP_SHIFT	16
+#define   ACRY_RSA_PARAM_MOD_MASK	GENMASK(15, 0)
+#define   ACRY_RSA_PARAM_MOD_SHIFT	0
+#define ACRY_RSA_INT_EN		0x3f8
+#define   ACRY_RSA_INT_EN_RSA_READY	BIT(2)
+#define   ACRY_RSA_INT_EN_RSA_CMPLT	BIT(1)
+#define ACRY_RSA_INT_STS	0x3fc
+#define   ACRY_RSA_INT_STS_RSA_READY	BIT(2)
+#define   ACRY_RSA_INT_STS_RSA_CMPLT	BIT(1)
+
+/* misc. constant */
+#define ACRY_ECC_MODE	2
+#define ACRY_RSA_MODE	3
+#define ACRY_CTX_BUFSZ	0x600
+
+struct aspeed_acry {
+	phys_addr_t base;
+	phys_addr_t sram_base; /* internal sram */
+	struct clk clk;
+};
+
+static int aspeed_acry_mod_exp(struct udevice *dev, const uint8_t *sig, uint32_t sig_len,
+			       struct key_prop *prop, uint8_t *out)
+{
+	int i, j;
+	u8 *ctx;
+	u8 *ptr;
+	u32 reg;
+	struct aspeed_acry *acry = dev_get_priv(dev);
+
+	ctx = memalign(16, ACRY_CTX_BUFSZ);
+	if (!ctx)
+		return -ENOMEM;
+
+	memset(ctx, 0, ACRY_CTX_BUFSZ);
+
+	ptr = (u8 *)prop->public_exponent;
+	for (i = prop->exp_len - 1, j = 0; i >= 0; --i) {
+		ctx[j] = ptr[i];
+		j++;
+		j = (j % 16) ? j : j + 32;
+	}
+
+	ptr = (u8 *)prop->modulus;
+	for (i = (prop->num_bits >> 3) - 1, j = 0; i >= 0; --i) {
+		ctx[j + 16] = ptr[i];
+		j++;
+		j = (j % 16) ? j : j + 32;
+	}
+
+	ptr = (u8 *)sig;
+	for (i = sig_len - 1, j = 0; i >= 0; --i) {
+		ctx[j + 32] = ptr[i];
+		j++;
+		j = (j % 16) ? j : j + 32;
+	}
+
+	writel((u32)ctx, acry->base + ACRY_DMA_DRAM_SADDR);
+
+	reg = (((prop->exp_len << 3) << ACRY_RSA_PARAM_EXP_SHIFT) & ACRY_RSA_PARAM_EXP_MASK) |
+		  ((prop->num_bits << ACRY_RSA_PARAM_MOD_SHIFT) & ACRY_RSA_PARAM_MOD_MASK);
+	writel(reg, acry->base + ACRY_RSA_PARAM);
+
+	reg = (ACRY_CTX_BUFSZ << ACRY_DMA_DMEM_TADDR_LEN_SHIFT) & ACRY_DMA_DMEM_TADDR_LEN_MASK;
+	writel(reg, acry->base + ACRY_DMA_DMEM_TADDR);
+
+	reg = (ACRY_RSA_MODE << ACRY_CTRL3_ECC_RSA_MODE_SHIFT) & ACRY_CTRL3_ECC_RSA_MODE_MASK;
+	writel(reg, acry->base + ACRY_CTRL3);
+
+	writel(ACRY_CTRL1_RSA_DMA | ACRY_CTRL1_RSA_START, acry->base + ACRY_CTRL1);
+
+	/* polling RSA status */
+	while (1) {
+		reg = readl(acry->base + ACRY_RSA_INT_STS);
+		if ((reg & ACRY_RSA_INT_STS_RSA_READY) && (reg & ACRY_RSA_INT_STS_RSA_CMPLT))
+			break;
+		udelay(20);
+	}
+
+	writel(0x0, acry->base + ACRY_CTRL1);
+	writel(ACRY_CTRL3_SRAM_AHB_ACCESS, acry->base + ACRY_CTRL3);
+	udelay(20);
+
+	for (i = (prop->num_bits / 8) - 1, j = 0; i >= 0; --i) {
+		out[i] = readb(acry->sram_base + (j + 32));
+		j++;
+		j = (j % 16) ? j : j + 32;
+	}
+
+	return 0;
+}
+
+static int aspeed_acry_probe(struct udevice *dev)
+{
+	struct aspeed_acry *acry = dev_get_priv(dev);
+	int ret;
+
+	ret = clk_get_by_index(dev, 0, &acry->clk);
+	if (ret < 0) {
+		debug("Can't get clock for %s: %d\n", dev->name, ret);
+		return ret;
+	}
+
+	ret = clk_enable(&acry->clk);
+	if (ret) {
+		debug("Failed to enable acry clock (%d)\n", ret);
+		return ret;
+	}
+
+	acry->base = devfdt_get_addr_index(dev, 0);
+	if (acry->base == FDT_ADDR_T_NONE) {
+		debug("Failed to get acry base\n");
+		return acry->base;
+	}
+
+	acry->sram_base = devfdt_get_addr_index(dev, 1);
+	if (acry->sram_base == FDT_ADDR_T_NONE) {
+		debug("Failed to get acry SRAM base\n");
+		return acry->sram_base;
+	}
+
+	return ret;
+}
+
+static int aspeed_acry_remove(struct udevice *dev)
+{
+	struct aspeed_acry *acry = dev_get_priv(dev);
+
+	clk_disable(&acry->clk);
+
+	return 0;
+}
+
+static const struct mod_exp_ops aspeed_acry_ops = {
+	.mod_exp = aspeed_acry_mod_exp,
+};
+
+static const struct udevice_id aspeed_acry_ids[] = {
+	{ .compatible = "aspeed,ast2600-acry" },
+	{ }
+};
+
+U_BOOT_DRIVER(aspeed_acry) = {
+	.name = "aspeed_acry",
+	.id = UCLASS_MOD_EXP,
+	.of_match = aspeed_acry_ids,
+	.probe = aspeed_acry_probe,
+	.remove = aspeed_acry_remove,
+	.priv_auto = sizeof(struct aspeed_acry),
+	.ops = &aspeed_acry_ops,
+	.flags = DM_FLAG_PRE_RELOC,
+};
diff --git a/lib/rsa/Kconfig b/lib/rsa/Kconfig
index a90d67e5a8..4386c1dce4 100644
--- a/lib/rsa/Kconfig
+++ b/lib/rsa/Kconfig
@@ -1,7 +1,8 @@
 config RSA
 	bool "Use RSA Library"
 	select RSA_FREESCALE_EXP if FSL_CAAM && !ARCH_MX7 && !ARCH_MX6 && !ARCH_MX5
-	select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP
+	select RSA_ASPEED_EXP if ASPEED_ACRY
+	select RSA_SOFTWARE_EXP if !RSA_FREESCALE_EXP && !RSA_ASPEED_EXP
 	help
 	  RSA support. This enables the RSA algorithm used for FIT image
 	  verification in U-Boot.
@@ -61,4 +62,11 @@ config RSA_FREESCALE_EXP
 	Enables driver for RSA modular exponentiation using Freescale cryptographic
 	accelerator - CAAM.
 
+config RSA_ASPEED_EXP
+	bool "Enable RSA Modular Exponentiation with ASPEED crypto accelerator"
+	depends on DM && ASPEED_ACRY
+	help
+	Enables driver for RSA modular exponentiation using ASPEED cryptographic
+	accelerator - ACRY
+
 endif
-- 
2.17.1

[PATCH next v5 08/12] ARM: dts: ast2600: Add ACRY to device tree

[Chia-Wei Wang]

Add ACRY DTS node and enable it for AST2600 EVB.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 arch/arm/dts/ast2600-evb.dts | 5 +++++
 arch/arm/dts/ast2600.dtsi    | 9 +++++++++
 2 files changed, 14 insertions(+)

diff --git a/arch/arm/dts/ast2600-evb.dts b/arch/arm/dts/ast2600-evb.dts
index adb80a30ef..05362d19bd 100644
--- a/arch/arm/dts/ast2600-evb.dts
+++ b/arch/arm/dts/ast2600-evb.dts
@@ -182,3 +182,8 @@
 	u-boot,dm-pre-reloc;
 	status = "okay";
 };
+
+&acry {
+	u-boot,dm-pre-reloc;
+	status = "okay";
+};
diff --git a/arch/arm/dts/ast2600.dtsi b/arch/arm/dts/ast2600.dtsi
index b8fe966c7d..31905fd208 100644
--- a/arch/arm/dts/ast2600.dtsi
+++ b/arch/arm/dts/ast2600.dtsi
@@ -195,6 +195,15 @@
 			status = "disabled";
 		};
 
+		acry: acry@1e6fa000 {
+			compatible = "aspeed,ast2600-acry";
+			reg = <0x1e6fa000 0x1000>,
+			      <0x1e710000 0x10000>;
+			interrupts = <GIC_SPI 160 IRQ_TYPE_LEVEL_HIGH>;
+			clocks = <&scu ASPEED_CLK_GATE_RSACLK>;
+			status = "disabled";
+		};
+
 		edac: sdram@1e6e0000 {
 			compatible = "aspeed,ast2600-sdram-edac";
 			reg = <0x1e6e0000 0x174>;
-- 
2.17.1

[PATCH next v5 09/12] ast2600: spl: Locate load buffer in DRAM space

[Chia-Wei Wang]

Return CONFIG_SYS_LOAD_ADDR pointing to DRAM space for
spl_get_load_buffer() to allow generic SPL image loading
code (e.g. FIT and Ymodem) to store data in DRAM.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 arch/arm/mach-aspeed/ast2600/spl.c | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/arch/arm/mach-aspeed/ast2600/spl.c b/arch/arm/mach-aspeed/ast2600/spl.c
index 0d8cb29678..6c49d6aede 100644
--- a/arch/arm/mach-aspeed/ast2600/spl.c
+++ b/arch/arm/mach-aspeed/ast2600/spl.c
@@ -28,14 +28,7 @@ u32 spl_boot_device(void)
 
 struct image_header *spl_get_load_buffer(ssize_t offset, size_t size)
 {
-	/*
-	 * When boot from SPI, AST2600 already remap 0x00000000 ~ 0x0fffffff
-	 * to BMC SPI memory space 0x20000000 ~ 0x2fffffff. The next stage BL
-	 * has been located in SPI for XIP. In this case, the load buffer for
-	 * SPL image loading will be set to the remapped address of the next
-	 * BL instead of the DRAM space CONFIG_SYS_LOAD_ADDR
-	 */
-	return (struct image_header *)(CONFIG_SYS_TEXT_BASE);
+	return (struct image_header *)(CONFIG_SYS_LOAD_ADDR);
 }
 
 #ifdef CONFIG_SPL_OS_BOOT
-- 
2.17.1

[PATCH next v5 10/12] configs: ast2600-evb: Enable SPL FIT support

[Chia-Wei Wang]

Enable SPL FIT image load and verification support.
The HW accelerated SHA is also available with the
newly added support of the HACE HW hash engine.

The SPL thumb build is also enabled to keep the binary
less than 64KB to fit into the Aspeed secure boot design.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 configs/evb-ast2600_defconfig | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/configs/evb-ast2600_defconfig b/configs/evb-ast2600_defconfig
index 56ab885d9b..eba6940ec1 100644
--- a/configs/evb-ast2600_defconfig
+++ b/configs/evb-ast2600_defconfig
@@ -1,7 +1,8 @@
 CONFIG_ARM=y
 CONFIG_SYS_DCACHE_OFF=y
+CONFIG_SPL_SYS_THUMB_BUILD=y
 CONFIG_ARCH_ASPEED=y
-CONFIG_SYS_TEXT_BASE=0x10000
+CONFIG_SYS_TEXT_BASE=0x80000000
 CONFIG_ASPEED_AST2600=y
 CONFIG_TARGET_EVB_AST2600=y
 CONFIG_SPL_LIBCOMMON_SUPPORT=y
@@ -12,13 +13,17 @@ CONFIG_ENV_SIZE=0x10000
 CONFIG_SYS_MALLOC_LEN=0x2000000
 CONFIG_DEFAULT_DEVICE_TREE="ast2600-evb"
 CONFIG_SPL_SERIAL=y
+CONFIG_SPL_STACK_R_ADDR=0x83000000
 CONFIG_SPL_SIZE_LIMIT=0x10000
 CONFIG_SPL=y
 # CONFIG_ARMV7_NONSEC is not set
 # CONFIG_SYS_MALLOC_CLEAR_ON_INIT is not set
 CONFIG_SYS_LOAD_ADDR=0x83000000
 CONFIG_FIT=y
-# CONFIG_LEGACY_IMAGE_FORMAT is not set
+CONFIG_SPL_FIT_SIGNATURE=y
+CONFIG_SPL_LOAD_FIT=y
+CONFIG_SPL_LOAD_FIT_ADDRESS=0x10000
+# CONFIG_USE_SPL_FIT_GENERATOR is not set
 CONFIG_USE_BOOTARGS=y
 CONFIG_BOOTARGS="console=ttyS4,115200n8 root=/dev/ram rw"
 CONFIG_USE_BOOTCOMMAND=y
@@ -26,8 +31,10 @@ CONFIG_BOOTCOMMAND="bootm 20100000"
 # CONFIG_DISPLAY_CPUINFO is not set
 CONFIG_SPL_SIZE_LIMIT_SUBTRACT_GD=y
 CONFIG_SPL_SIZE_LIMIT_SUBTRACT_MALLOC=y
-# CONFIG_SPL_LEGACY_IMAGE_SUPPORT is not set
 CONFIG_SPL_SYS_MALLOC_SIMPLE=y
+CONFIG_SPL_STACK_R=y
+CONFIG_SPL_STACK_R_MALLOC_SIMPLE_LEN=0x2000000
+CONFIG_SPL_FIT_IMAGE_TINY=y
 CONFIG_SPL_DM_RESET=y
 CONFIG_SPL_RAM_SUPPORT=y
 CONFIG_SPL_RAM_DEVICE=y
@@ -47,6 +54,9 @@ CONFIG_REGMAP=y
 CONFIG_SPL_OF_TRANSLATE=y
 CONFIG_CLK=y
 CONFIG_SPL_CLK=y
+CONFIG_DM_HASH=y
+CONFIG_HASH_ASPEED=y
+CONFIG_ASPEED_ACRY=y
 CONFIG_DM_I2C=y
 CONFIG_MISC=y
 CONFIG_SPL_MISC=y
@@ -65,5 +75,9 @@ CONFIG_SYS_NS16550=y
 CONFIG_SYSRESET=y
 CONFIG_SPL_SYSRESET=y
 CONFIG_WDT=y
+CONFIG_SHA512_ALGO=y
+CONFIG_SHA512=y
+CONFIG_SHA384=y
 CONFIG_HEXDUMP=y
 # CONFIG_EFI_LOADER is not set
+CONFIG_PHANDLE_CHECK_SEQ=y
-- 
2.17.1

[PATCH next v5 11/12] configs: aspeed: Make EXTRA_ENV_SETTINGS board specific

[Chia-Wei Wang]

Move CONFIG_EXTRA_ENV_SETTINGS to board-specific
configuration headers.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 include/configs/aspeed-common.h | 9 ---------
 include/configs/evb_ast2500.h   | 9 +++++++++
 include/configs/evb_ast2600.h   | 9 +++++++++
 3 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/include/configs/aspeed-common.h b/include/configs/aspeed-common.h
index 5177bf20fa..96526e1a75 100644
--- a/include/configs/aspeed-common.h
+++ b/include/configs/aspeed-common.h
@@ -38,13 +38,4 @@
  */
 #define CONFIG_BOOTP_BOOTFILESIZE
 
-/*
- * Miscellaneous configurable options
- */
-
-#define CONFIG_EXTRA_ENV_SETTINGS \
-	"verify=yes\0"	\
-	"spi_dma=yes\0" \
-	""
-
 #endif	/* __AST_COMMON_CONFIG_H */
diff --git a/include/configs/evb_ast2500.h b/include/configs/evb_ast2500.h
index dc032c1a41..a886fd941e 100644
--- a/include/configs/evb_ast2500.h
+++ b/include/configs/evb_ast2500.h
@@ -13,4 +13,13 @@
 
 #define CONFIG_SYS_UBOOT_BASE		CONFIG_SYS_TEXT_BASE
 
+/* Memory Info */
+#define CONFIG_SYS_LOAD_ADDR		0x83000000
+
+/* Misc */
+#define CONFIG_EXTRA_ENV_SETTINGS \
+	"verify=yes\0"	\
+	"spi_dma=yes\0" \
+	""
+
 #endif	/* __CONFIG_H */
diff --git a/include/configs/evb_ast2600.h b/include/configs/evb_ast2600.h
index 177a52eb91..d2aceb6663 100644
--- a/include/configs/evb_ast2600.h
+++ b/include/configs/evb_ast2600.h
@@ -10,4 +10,13 @@
 
 #define CONFIG_SYS_UBOOT_BASE		CONFIG_SYS_TEXT_BASE
 
+/* Memory Info */
+#define CONFIG_SYS_LOAD_ADDR		0x83000000
+
+/* Misc */
+#define CONFIG_EXTRA_ENV_SETTINGS \
+	"verify=yes\0"	\
+	"spi_dma=yes\0" \
+	""
+
 #endif	/* __CONFIG_H */
-- 
2.17.1

[PATCH next v5 12/12] configs: ast2600: Boot kernel FIT in DRAM

[Chia-Wei Wang]

AST2600 leverages the FIT hash/signature verification to fulfill
secure boot trust chain. To improve the performance and save SW
code size for those crypto operations, the two HW crypto engine,
HACE and ACRY, are enabled.

However, both of the engines can only access to data stored in
DRAM space. Therefore, we need to move the FIT image into DRAM
before the booting.

This patch update the CONFIG_BOOTCOMMAND to execute the pre-defined
ENV variable which consists of FIT image copy to memory and booting.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
---
 configs/evb-ast2600_defconfig | 2 +-
 include/configs/evb_ast2600.h | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/configs/evb-ast2600_defconfig b/configs/evb-ast2600_defconfig
index eba6940ec1..abb156f13e 100644
--- a/configs/evb-ast2600_defconfig
+++ b/configs/evb-ast2600_defconfig
@@ -27,7 +27,7 @@ CONFIG_SPL_LOAD_FIT_ADDRESS=0x10000
 CONFIG_USE_BOOTARGS=y
 CONFIG_BOOTARGS="console=ttyS4,115200n8 root=/dev/ram rw"
 CONFIG_USE_BOOTCOMMAND=y
-CONFIG_BOOTCOMMAND="bootm 20100000"
+CONFIG_BOOTCOMMAND="run bootspi"
 # CONFIG_DISPLAY_CPUINFO is not set
 CONFIG_SPL_SIZE_LIMIT_SUBTRACT_GD=y
 CONFIG_SPL_SIZE_LIMIT_SUBTRACT_MALLOC=y
diff --git a/include/configs/evb_ast2600.h b/include/configs/evb_ast2600.h
index d2aceb6663..83002db317 100644
--- a/include/configs/evb_ast2600.h
+++ b/include/configs/evb_ast2600.h
@@ -14,7 +14,14 @@
 #define CONFIG_SYS_LOAD_ADDR		0x83000000
 
 /* Misc */
+#define STR_HELPER(s)	#s
+#define STR(s)		STR_HELPER(s)
+
 #define CONFIG_EXTRA_ENV_SETTINGS \
+	"loadaddr=" STR(CONFIG_SYS_LOAD_ADDR) "\0" \
+	"bootspi=fdt addr 20100000 && fdt header get fitsize totalsize && " \
+	"cp.b 20100000 ${loadaddr} ${fitsize} && bootm; " \
+	"echo Error loading kernel FIT image\0" \
 	"verify=yes\0"	\
 	"spi_dma=yes\0" \
 	""
-- 
2.17.1

Re: [PATCH next v5 01/12] image: fit: Fix parameter name for hash algorithm

[Simon Glass]

Hi Chia-Wei,

On Sun, 3 Oct 2021 at 19:54, Chia-Wei Wang <chiawei_wang@aspeedtech.com> wrote:
>
> Fix inconsistent function parameter name of the hash algorithm.
>
> Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
> Fixes: 92055e138f2 ("image: Drop if/elseif hash selection in calculate_hash()")
> ---
>  common/image-fit.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/common/image-fit.c b/common/image-fit.c
> index 5a0a0cc200..9e8a1f36c1 100644
> --- a/common/image-fit.c
> +++ b/common/image-fit.c
> @@ -1229,7 +1229,7 @@ int calculate_hash(const void *data, int data_len, const char *name,
>                 return -1;
>         }
>
> -       hash_algo = hash_algo_lookup_by_name(algo);
> +       hash_algo = hash_algo_lookup_by_name(name);
>         if (hash_algo == HASH_ALGO_INVALID) {
>                 debug("Unsupported hash algorithm\n");
>                 return -1;
> --

Can you please fix the comment for this function as well?

 * @algo: requested hash algorithm

(should be @name)

Regards,
Simon

RE: [PATCH next v5 01/12] image: fit: Fix parameter name for hash algorithm

[ChiaWei Wang]

Hi Simon,

> From: Simon Glass <sjg@chromium.org>
> Sent: Thursday, October 14, 2021 11:10 PM
> 
> Hi Chia-Wei,
> 
> On Sun, 3 Oct 2021 at 19:54, Chia-Wei Wang
> <chiawei_wang@aspeedtech.com> wrote:
> >
> > Fix inconsistent function parameter name of the hash algorithm.
> >
> > Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
> > Fixes: 92055e138f2 ("image: Drop if/elseif hash selection in
> > calculate_hash()")
> > ---
> >  common/image-fit.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/common/image-fit.c b/common/image-fit.c index
> > 5a0a0cc200..9e8a1f36c1 100644
> > --- a/common/image-fit.c
> > +++ b/common/image-fit.c
> > @@ -1229,7 +1229,7 @@ int calculate_hash(const void *data, int data_len,
> const char *name,
> >                 return -1;
> >         }
> >
> > -       hash_algo = hash_algo_lookup_by_name(algo);
> > +       hash_algo = hash_algo_lookup_by_name(name);
> >         if (hash_algo == HASH_ALGO_INVALID) {
> >                 debug("Unsupported hash algorithm\n");
> >                 return -1;
> > --
> 
> Can you please fix the comment for this function as well?
> 
>  * @algo: requested hash algorithm
> 
> (should be @name)
> 

Sure. I missed the comment part.
Will send v6 to make them consistent ASAP.

Regards,
Chiawei