* [U-Boot] [PATCH 1/4][v8] powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041
@ 2015-07-31 8:39 Aneesh Bansal
2015-07-31 15:12 ` York Sun
0 siblings, 1 reply; 3+ messages in thread
From: Aneesh Bansal @ 2015-07-31 8:39 UTC (permalink / raw)
To: u-boot
Secure Boot Target is added for NAND for P3041.
Changes:
In PowerPC, the core begins execution from address 0xFFFFFFFC.
In case of secure boot, this default address maps to Boot ROM.
The Boot ROM code requires that the bootloader(U-boot) must lie
in 0 to 3.5G address space i.e. 0x0 - 0xDFFFFFFF.
In case of NAND Secure Boot, CONFIG_SYS_RAMBOOT is enabled and CPC is
configured as SRAM. U-Boot binary will be located on SRAM configured
at address 0xBFF00000.
In the U-Boot code, TLB entries are created to map the virtual address
0xFFF00000 to physical address 0xBFF00000 of CPC configured as SRAM.
Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
---
Changes in v8:
New Patchset Created
Makefile | 4 ++++
arch/powerpc/cpu/mpc85xx/start.S | 11 +++++++++++
arch/powerpc/include/asm/fsl_secure_boot.h | 5 +++++
board/freescale/common/p_corenet/tlb.c | 15 +++++++++++++++
board/freescale/corenet_ds/MAINTAINERS | 5 +++++
configs/P3041DS_NAND_SECURE_BOOT_defconfig | 4 ++++
include/configs/corenet_ds.h | 8 ++++++++
7 files changed, 52 insertions(+)
create mode 100644 configs/P3041DS_NAND_SECURE_BOOT_defconfig
diff --git a/Makefile b/Makefile
index 394ed09..605003e 100644
--- a/Makefile
+++ b/Makefile
@@ -736,8 +736,12 @@ ALL-$(CONFIG_ONENAND_U_BOOT) += u-boot-onenand.bin
ifeq ($(CONFIG_SPL_FSL_PBL),y)
ALL-$(CONFIG_RAMBOOT_PBL) += u-boot-with-spl-pbl.bin
else
+ifneq ($(CONFIG_SECURE_BOOT), y)
+# For Secure Boot The Image needs to be signed and Header must also
+# be included. So The image has to be built explicitly
ALL-$(CONFIG_RAMBOOT_PBL) += u-boot.pbl
endif
+endif
ALL-$(CONFIG_SPL) += spl/u-boot-spl.bin
ALL-$(CONFIG_SPL_FRAMEWORK) += u-boot.img
ALL-$(CONFIG_TPL) += tpl/u-boot-tpl.bin
diff --git a/arch/powerpc/cpu/mpc85xx/start.S b/arch/powerpc/cpu/mpc85xx/start.S
index e61d8e0..a70fb71 100644
--- a/arch/powerpc/cpu/mpc85xx/start.S
+++ b/arch/powerpc/cpu/mpc85xx/start.S
@@ -1052,6 +1052,17 @@ create_init_ram_area:
CONFIG_SYS_MONITOR_BASE & 0xfff00000, MAS2_I|MAS2_G, \
CONFIG_SYS_PBI_FLASH_WINDOW & 0xfff00000, MAS3_SX|MAS3_SW|MAS3_SR, \
0, r6
+
+#elif defined(CONFIG_RAMBOOT_PBL) && defined(CONFIG_SECURE_BOOT)
+ /* create a temp mapping in AS = 1 for mapping CONFIG_SYS_MONITOR_BASE
+ * to L3 Address configured by PBL for ISBC code
+ */
+ create_tlb1_entry 15, \
+ 1, BOOKE_PAGESZ_1M, \
+ CONFIG_SYS_MONITOR_BASE & 0xfff00000, MAS2_I|MAS2_G, \
+ CONFIG_SYS_INIT_L3_ADDR & 0xfff00000, MAS3_SX|MAS3_SW|MAS3_SR, \
+ 0, r6
+
#else
/*
* create a temp mapping in AS=1 to the 1M CONFIG_SYS_MONITOR_BASE space, the main
diff --git a/arch/powerpc/include/asm/fsl_secure_boot.h b/arch/powerpc/include/asm/fsl_secure_boot.h
index 8f794ef..cc33466 100644
--- a/arch/powerpc/include/asm/fsl_secure_boot.h
+++ b/arch/powerpc/include/asm/fsl_secure_boot.h
@@ -46,6 +46,11 @@
#define CONFIG_SYS_INIT_L3_ADDR 0xbff00000
#endif
+#if defined(CONFIG_RAMBOOT_PBL)
+#undef CONFIG_SYS_INIT_L3_ADDR
+#define CONFIG_SYS_INIT_L3_ADDR 0xbff00000
+#endif
+
#if defined(CONFIG_C29XPCIE)
#define CONFIG_KEY_REVOCATION
#endif
diff --git a/board/freescale/common/p_corenet/tlb.c b/board/freescale/common/p_corenet/tlb.c
index 8148e46..56e4f63 100644
--- a/board/freescale/common/p_corenet/tlb.c
+++ b/board/freescale/common/p_corenet/tlb.c
@@ -43,6 +43,8 @@ struct fsl_e_tlb_entry tlb_table[] = {
/* TLB 1 */
/* *I*** - Covers boot page */
#if defined(CONFIG_SYS_RAMBOOT) && defined(CONFIG_SYS_INIT_L3_ADDR)
+
+#if !defined(CONFIG_SECURE_BOOT)
/*
* *I*G - L3SRAM. When L3 is used as 1M SRAM, the address of the
* SRAM is at 0xfff00000, it covered the 0xfffff000.
@@ -50,6 +52,19 @@ struct fsl_e_tlb_entry tlb_table[] = {
SET_TLB_ENTRY(1, CONFIG_SYS_INIT_L3_ADDR, CONFIG_SYS_INIT_L3_ADDR,
MAS3_SX|MAS3_SW|MAS3_SR, MAS2_I|MAS2_G,
0, 0, BOOKE_PAGESZ_1M, 1),
+#else
+ /*
+ * *I*G - L3SRAM. When L3 is used as 1M SRAM, in case of Secure Boot
+ * the physical address of the SRAM is at CONFIG_SYS_INIT_L3_ADDR,
+ * and virtual address is CONFIG_SYS_MONITOR_BASE
+ */
+
+ SET_TLB_ENTRY(1, CONFIG_SYS_MONITOR_BASE & 0xfff00000,
+ CONFIG_SYS_INIT_L3_ADDR & 0xfff00000,
+ MAS3_SX|MAS3_SW|MAS3_SR, MAS2_I|MAS2_G,
+ 0, 0, BOOKE_PAGESZ_1M, 1),
+#endif
+
#elif defined(CONFIG_SRIO_PCIE_BOOT_SLAVE)
/*
* SRIO_PCIE_BOOT-SLAVE. When slave boot, the address of the
diff --git a/board/freescale/corenet_ds/MAINTAINERS b/board/freescale/corenet_ds/MAINTAINERS
index 745847c..6855446 100644
--- a/board/freescale/corenet_ds/MAINTAINERS
+++ b/board/freescale/corenet_ds/MAINTAINERS
@@ -28,3 +28,8 @@ F: configs/P5040DS_NAND_defconfig
F: configs/P5040DS_SDCARD_defconfig
F: configs/P5040DS_SPIFLASH_defconfig
F: configs/P5040DS_SECURE_BOOT_defconfig
+
+CORENET_DS_SECURE_BOOT BOARD
+M: Aneesh Bansal <aneesh.bansal@freescale.com>
+S: Maintained
+F: configs/P3041DS_NAND_SECURE_BOOT_defconfig
diff --git a/configs/P3041DS_NAND_SECURE_BOOT_defconfig b/configs/P3041DS_NAND_SECURE_BOOT_defconfig
new file mode 100644
index 0000000..757f326
--- /dev/null
+++ b/configs/P3041DS_NAND_SECURE_BOOT_defconfig
@@ -0,0 +1,4 @@
+CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,NAND,SECURE_BOOT,SYS_TEXT_BASE=0xFFF40000"
+CONFIG_PPC=y
+CONFIG_MPC85xx=y
+CONFIG_TARGET_P3041DS=y
diff --git a/include/configs/corenet_ds.h b/include/configs/corenet_ds.h
index 88750e0..7c8b73d 100644
--- a/include/configs/corenet_ds.h
+++ b/include/configs/corenet_ds.h
@@ -16,6 +16,13 @@
#include "../board/freescale/common/ics307_clk.h"
#ifdef CONFIG_RAMBOOT_PBL
+#ifdef CONFIG_SECURE_BOOT
+#define CONFIG_RAMBOOT_TEXT_BASE CONFIG_SYS_TEXT_BASE
+#define CONFIG_RESET_VECTOR_ADDRESS 0xfffffffc
+#ifdef CONFIG_NAND
+#define CONFIG_RAMBOOT_NAND
+#endif
+#else
#define CONFIG_RAMBOOT_TEXT_BASE CONFIG_SYS_TEXT_BASE
#define CONFIG_RESET_VECTOR_ADDRESS 0xfffffffc
#define CONFIG_SYS_FSL_PBL_PBI board/freescale/corenet_ds/pbi.cfg
@@ -29,6 +36,7 @@
#define CONFIG_SYS_FSL_PBL_RCW board/freescale/corenet_ds/rcw_p5040ds.cfg
#endif
#endif
+#endif
#ifdef CONFIG_SRIO_PCIE_BOOT_SLAVE
/* Set 1M boot space */
--
1.8.1.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [U-Boot] [PATCH 1/4][v8] powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041
2015-07-31 8:39 [U-Boot] [PATCH 1/4][v8] powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041 Aneesh Bansal
@ 2015-07-31 15:12 ` York Sun
2015-07-31 15:33 ` York Sun
0 siblings, 1 reply; 3+ messages in thread
From: York Sun @ 2015-07-31 15:12 UTC (permalink / raw)
To: u-boot
On 07/31/2015 01:39 AM, Aneesh Bansal wrote:
> Secure Boot Target is added for NAND for P3041.
> Changes:
> In PowerPC, the core begins execution from address 0xFFFFFFFC.
> In case of secure boot, this default address maps to Boot ROM.
> The Boot ROM code requires that the bootloader(U-boot) must lie
> in 0 to 3.5G address space i.e. 0x0 - 0xDFFFFFFF.
>
> In case of NAND Secure Boot, CONFIG_SYS_RAMBOOT is enabled and CPC is
> configured as SRAM. U-Boot binary will be located on SRAM configured
> at address 0xBFF00000.
> In the U-Boot code, TLB entries are created to map the virtual address
> 0xFFF00000 to physical address 0xBFF00000 of CPC configured as SRAM.
>
> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
> ---
> Changes in v8:
> New Patchset Created
>
This change log doesn't have anything. Please put meaningful log for future
patches. You can try to use patman to ease the process.
York
^ permalink raw reply [flat|nested] 3+ messages in thread
* [U-Boot] [PATCH 1/4][v8] powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041
2015-07-31 15:12 ` York Sun
@ 2015-07-31 15:33 ` York Sun
0 siblings, 0 replies; 3+ messages in thread
From: York Sun @ 2015-07-31 15:33 UTC (permalink / raw)
To: u-boot
On 07/31/2015 08:12 AM, York Sun wrote:
>
>
> On 07/31/2015 01:39 AM, Aneesh Bansal wrote:
>> Secure Boot Target is added for NAND for P3041.
>> Changes:
>> In PowerPC, the core begins execution from address 0xFFFFFFFC.
>> In case of secure boot, this default address maps to Boot ROM.
>> The Boot ROM code requires that the bootloader(U-boot) must lie
>> in 0 to 3.5G address space i.e. 0x0 - 0xDFFFFFFF.
>>
>> In case of NAND Secure Boot, CONFIG_SYS_RAMBOOT is enabled and CPC is
>> configured as SRAM. U-Boot binary will be located on SRAM configured
>> at address 0xBFF00000.
>> In the U-Boot code, TLB entries are created to map the virtual address
>> 0xFFF00000 to physical address 0xBFF00000 of CPC configured as SRAM.
>>
>> Signed-off-by: Aneesh Bansal <aneesh.bansal@freescale.com>
>> ---
>> Changes in v8:
>> New Patchset Created
>>
>
> This change log doesn't have anything. Please put meaningful log for future
> patches. You can try to use patman to ease the process.
Actually this new version doesn't change _ANYTHING_, except adding a new patch
to this set which should be separated anyway. Please do not send patches like these.
York
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-07-31 15:33 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-07-31 8:39 [U-Boot] [PATCH 1/4][v8] powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041 Aneesh Bansal
2015-07-31 15:12 ` York Sun
2015-07-31 15:33 ` York Sun
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.