[PATCH u-boot v2019.04-aspeed-openbmc v3 0/4] FIT verification

[PATCH u-boot v2019.04-aspeed-openbmc v3 0/4] FIT verification

[Joel Stanley]

As part of our effort to enable secure boot in openbmc, this turns on
FIT verification in the SPL and u-boot.

It adjusts the SRAM layout to accommodate the extra code size, moving
the heap to the non-parity checked 24KB of SRAM.

It also modifies the way the SPL is built, including disabling features.

v3 Reorders the patches to put the size reduction changes first, and
then enables signature verification to ensure the build can be bisected.

The ymodem disable patch is dropped, as we fit cleanly under the 64KB
boundary with the feature enabled.

The general cleanup patch is dropped, except for the DOS_PARTITION
change which was added to the SPL cleanup patch. These cleanups will be
posted separately at a later date.

           Size   Delta
 HEAD     44054
 patch 1  43442    -612
 patch 2  42337   -1105
 patch 3  42337       0
 patch 4  63378  +21041

Joel Stanley (4):
  ast2600: Allow selection of SPL boot devices
  config: ast2600: Reduce SPL image size
  ast2600: Modify SPL SRAM layout
  config: ast2600: Enable FIT signature verification

 arch/arm/mach-aspeed/ast2600/Kconfig       | 12 ++++++++++++
 arch/arm/mach-aspeed/ast2600/spl_boot.c    |  9 +++++++++
 configs/ast2600_openbmc_spl_emmc_defconfig |  9 ++++++++-
 include/configs/evb_ast2600a1_spl.h        |  4 ++--
 4 files changed, 31 insertions(+), 3 deletions(-)

-- 
2.29.2

[PATCH u-boot v2019.04-aspeed-openbmc v3 1/4] ast2600: Allow selection of SPL boot devices

[Joel Stanley]

The AST2600 SPL can boot from a number of sources, with or without the
AST2600 secure boot feature. It may be desirable to disable some of
these, so put them behind the defines for the drivers that are used.

Reviewed-by: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
Signed-off-by: Joel Stanley <joel@jms.id.au>
---
 arch/arm/mach-aspeed/ast2600/Kconfig    | 12 ++++++++++++
 arch/arm/mach-aspeed/ast2600/spl_boot.c |  9 +++++++++
 2 files changed, 21 insertions(+)

diff --git a/arch/arm/mach-aspeed/ast2600/Kconfig b/arch/arm/mach-aspeed/ast2600/Kconfig
index dd991e87c795..518f41b558d3 100644
--- a/arch/arm/mach-aspeed/ast2600/Kconfig
+++ b/arch/arm/mach-aspeed/ast2600/Kconfig
@@ -53,6 +53,18 @@ config TARGET_SLT_AST2600
 
 endchoice
 
+config ASPEED_SECBOOT_BL2
+	bool "ASPEED secure boot BL2 support"
+	depends on ASPEED_AST2600
+	help
+	  Enable ASPEED's "secboot" secure boot support for verifying
+	  the SPL's playload ("BL2").
+
+	  Enable this is if you're using secure boot support in the AST2600 (or similar)
+	  to verify your u-boot proper.
+
+	  Disable this is if you are using u-boot's vboot to verify u-boot.
+
 source "board/aspeed/evb_ast2600a0/Kconfig"
 source "board/aspeed/evb_ast2600a1/Kconfig"
 source "board/aspeed/ncsi_ast2600a0/Kconfig"
diff --git a/arch/arm/mach-aspeed/ast2600/spl_boot.c b/arch/arm/mach-aspeed/ast2600/spl_boot.c
index 58a22f646e08..98cf72bf440d 100644
--- a/arch/arm/mach-aspeed/ast2600/spl_boot.c
+++ b/arch/arm/mach-aspeed/ast2600/spl_boot.c
@@ -42,6 +42,7 @@ static int aspeed_secboot_spl_ram_load_image(struct spl_image_info *spl_image,
 }
 SPL_LOAD_IMAGE_METHOD("RAM with Aspeed Secure Boot", 0, ASPEED_SECBOOT_DEVICE_RAM, aspeed_secboot_spl_ram_load_image);
 
+#if IS_ENABLED(CONFIG_SPL_MMC_SUPPORT)
 static int aspeed_spl_mmc_load_image(struct spl_image_info *spl_image,
 				      struct spl_boot_device *bootdev)
 {
@@ -101,6 +102,7 @@ static int aspeed_spl_mmc_load_image(struct spl_image_info *spl_image,
 }
 SPL_LOAD_IMAGE_METHOD("MMC", 0, ASPEED_BOOT_DEVICE_MMC, aspeed_spl_mmc_load_image);
 
+#if IS_ENABLED(ASPEED_SECBOOT_BL2)
 static int aspeed_secboot_spl_mmc_load_image(struct spl_image_info *spl_image,
 				      struct spl_boot_device *bootdev)
 {
@@ -161,7 +163,10 @@ static int aspeed_secboot_spl_mmc_load_image(struct spl_image_info *spl_image,
 	return 0;
 }
 SPL_LOAD_IMAGE_METHOD("MMC with Aspeed Secure Boot", 0, ASPEED_SECBOOT_DEVICE_MMC, aspeed_secboot_spl_mmc_load_image);
+#endif /* ASPEED_SECBOOT_BL2 */
+#endif
 
+#if IS_ENABLED(CONFIG_SPL_YMODEM_SUPPORT)
 static int getcymodem(void)
 {
 	if (tstc())
@@ -204,6 +209,8 @@ end_stream:
 }
 SPL_LOAD_IMAGE_METHOD("UART", 0, ASPEED_BOOT_DEVICE_UART, aspeed_spl_ymodem_load_image);
 
+
+#if IS_ENABLED(ASPEED_SECBOOT_BL2)
 static int aspeed_secboot_spl_ymodem_load_image(struct spl_image_info *spl_image,
 		struct spl_boot_device *bootdev)
 {
@@ -245,3 +252,5 @@ end_stream:
 	return ret;
 }
 SPL_LOAD_IMAGE_METHOD("UART with Aspeed Secure Boot", 0, ASPEED_SECBOOT_DEVICE_UART, aspeed_secboot_spl_ymodem_load_image);
+#endif /* ASPEED_SECBOOT_BL2 */
+#endif
-- 
2.29.2

[PATCH u-boot v2019.04-aspeed-openbmc v3 2/4] config: ast2600: Reduce SPL image size

[Joel Stanley]

This modifies some features of the SPL to ensure it fits in the 64KB
payload size once we enable FIT signature verification in the SPL.

We still build with thumb, as this is selected SYS_THUMB_BUILD (ie, the
SPL defaults to thumb if u-boot proper is built with thumb).

The not using the arch memcpy/memset changes save 668 bytes. The tiny
memset saves 52 bytes. (Anyone who wants to test the runtime impact of
these changes should do so!)

The DOS_PARTITION change saves 229 bytes.

In total, this set of options reduces the binary size by 1105 bytes
with GCC 10.

Signed-off-by: Joel Stanley <joel@jms.id.au>
--
v3:
 - Drop unnecessary TPL banner change
 - Clarify thumb build
 - Add data on size impact of each change
 - Add DOS_PARTITION change to this patch
 - Move FIT_TINY to a different patch; with the reordering of patches
   FIT verification is not yet turned on when applying this patch
---
 configs/ast2600_openbmc_spl_emmc_defconfig | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/configs/ast2600_openbmc_spl_emmc_defconfig b/configs/ast2600_openbmc_spl_emmc_defconfig
index 68d18652c980..26e8790cef87 100644
--- a/configs/ast2600_openbmc_spl_emmc_defconfig
+++ b/configs/ast2600_openbmc_spl_emmc_defconfig
@@ -2,8 +2,9 @@ CONFIG_ARM=y
 CONFIG_SYS_CONFIG_NAME="evb_ast2600a1_spl"
 CONFIG_SYS_DCACHE_OFF=y
 CONFIG_POSITION_INDEPENDENT=y
-CONFIG_SPL_SYS_THUMB_BUILD=y
 CONFIG_SYS_THUMB_BUILD=y
+# CONFIG_SPL_USE_ARCH_MEMCPY is not set
+# CONFIG_SPL_USE_ARCH_MEMSET is not set
 CONFIG_SPL_LDSCRIPT="arch/$(ARCH)/mach-aspeed/ast2600/u-boot-spl.lds"
 CONFIG_ARCH_ASPEED=y
 CONFIG_SYS_TEXT_BASE=0x10000
@@ -80,6 +81,7 @@ CONFIG_CMD_EXT4_WRITE=y
 CONFIG_CMD_FAT=y
 CONFIG_CMD_FS_GENERIC=y
 CONFIG_CMD_MTDPARTS=y
+# CONFIG_SPL_DOS_PARTITION is not set
 # CONFIG_SPL_EFI_PARTITION is not set
 CONFIG_SPL_OF_CONTROL=y
 CONFIG_ENV_IS_IN_MMC=y
@@ -125,6 +127,7 @@ CONFIG_DM_SPI=y
 CONFIG_SYSRESET=y
 CONFIG_WDT=y
 CONFIG_USE_TINY_PRINTF=y
+CONFIG_SPL_TINY_MEMSET=y
 CONFIG_TPM=y
 CONFIG_SPL_TPM=y
 # CONFIG_EFI_LOADER is not set
-- 
2.29.2

[PATCH u-boot v2019.04-aspeed-openbmc v3 3/4] ast2600: Modify SPL SRAM layout

[Joel Stanley]

The SRAM is 89KB on the A1 and beyond:

 0x1000_0000 to 0x1000_ffff: 64KB, with parity check
 0x1001_0000 to 0x1001_5fff: 24KB, w/o parity check
 0x1001_6000 to 0x1001_63ff: 1KB, w/o parity check, each byte write once

Allow the image to fill the full 64KB payload size (max that secure boot
supports) and place the stack at the top of the 24KB of SRAM.

Acked-by: Andrew Jeffery <andrew@aj.id.au>
Signed-off-by: Joel Stanley <joel@jms.id.au>
---
v3: reoorder patch

 include/configs/evb_ast2600a1_spl.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/configs/evb_ast2600a1_spl.h b/include/configs/evb_ast2600a1_spl.h
index 69f3c32ce1d5..a39988820add 100644
--- a/include/configs/evb_ast2600a1_spl.h
+++ b/include/configs/evb_ast2600a1_spl.h
@@ -25,8 +25,8 @@
 
 /* SPL */
 #define CONFIG_SPL_TEXT_BASE		0x00000000
-#define CONFIG_SPL_MAX_SIZE		0x0000E800
-#define CONFIG_SPL_STACK		0x10010000
+#define CONFIG_SPL_MAX_SIZE		0x00010000
+#define CONFIG_SPL_STACK		0x10016000
 #define CONFIG_SPL_BSS_START_ADDR	0x90000000
 #define CONFIG_SPL_BSS_MAX_SIZE		0x00100000
 
-- 
2.29.2

[PATCH u-boot v2019.04-aspeed-openbmc v3 4/4] config: ast2600: Enable FIT signature verification

[Joel Stanley]

This turns on FIT signature verification for the OpenBMC SPL
configuration, for both the SPL and u-boot.

This enables rsa and sha algorithms for verifying the signature of the
u-boot FIT when loading it.

FIT_IMAGE_TINY is selected to save approx 3KB from the image size.

Signed-off-by: Joel Stanley <joel@jms.id.au>
---
v3: Move SPL_FIT_IMAGE_TINY to this patch
---
 configs/ast2600_openbmc_spl_emmc_defconfig | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/configs/ast2600_openbmc_spl_emmc_defconfig b/configs/ast2600_openbmc_spl_emmc_defconfig
index 26e8790cef87..6daf6343478b 100644
--- a/configs/ast2600_openbmc_spl_emmc_defconfig
+++ b/configs/ast2600_openbmc_spl_emmc_defconfig
@@ -36,6 +36,9 @@ CONFIG_ARMV7_BOOT_SEC_DEFAULT=y
 CONFIG_ARMV7_PSCI_NR_CPUS=2
 CONFIG_NR_DRAM_BANKS=1
 CONFIG_FIT=y
+CONFIG_FIT_SIGNATURE=y
+CONFIG_SPL_FIT_SIGNATURE=y
+CONFIG_SPL_LOAD_FIT=y
 CONFIG_USE_BOOTARGS=y
 CONFIG_BOOTARGS="console=ttyS4,115200n8 root=/dev/ram rw"
 CONFIG_USE_BOOTCOMMAND=y
@@ -49,6 +52,7 @@ CONFIG_BOARD_EARLY_INIT_F=y
 CONFIG_SPL_SYS_MALLOC_SIMPLE=y
 CONFIG_SPL_STACK_R=y
 CONFIG_SPL_SEPARATE_BSS=y
+CONFIG_SPL_FIT_IMAGE_TINY=y
 CONFIG_SPL_DM_RESET=y
 CONFIG_SPL_RAM_SUPPORT=y
 CONFIG_SPL_RAM_DEVICE=y
-- 
2.29.2

Re: [PATCH u-boot v2019.04-aspeed-openbmc v3 1/4] ast2600: Allow selection of SPL boot devices

[Andrew Jeffery]

On Thu, 28 Jan 2021, at 10:45, Joel Stanley wrote:
> The AST2600 SPL can boot from a number of sources, with or without the
> AST2600 secure boot feature. It may be desirable to disable some of
> these, so put them behind the defines for the drivers that are used.
> 
> Reviewed-by: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
> Signed-off-by: Joel Stanley <joel@jms.id.au>
> ---
>  arch/arm/mach-aspeed/ast2600/Kconfig    | 12 ++++++++++++
>  arch/arm/mach-aspeed/ast2600/spl_boot.c |  9 +++++++++
>  2 files changed, 21 insertions(+)
> 
> diff --git a/arch/arm/mach-aspeed/ast2600/Kconfig 
> b/arch/arm/mach-aspeed/ast2600/Kconfig
> index dd991e87c795..518f41b558d3 100644
> --- a/arch/arm/mach-aspeed/ast2600/Kconfig
> +++ b/arch/arm/mach-aspeed/ast2600/Kconfig
> @@ -53,6 +53,18 @@ config TARGET_SLT_AST2600
>  
>  endchoice
>  
> +config ASPEED_SECBOOT_BL2
> +	bool "ASPEED secure boot BL2 support"
> +	depends on ASPEED_AST2600
> +	help
> +	  Enable ASPEED's "secboot" secure boot support for verifying
> +	  the SPL's playload ("BL2").
> +
> +	  Enable this is if you're using secure boot support in the AST2600 
> (or similar)
> +	  to verify your u-boot proper.
> +
> +	  Disable this is if you are using u-boot's vboot to verify u-boot.
> +
>  source "board/aspeed/evb_ast2600a0/Kconfig"
>  source "board/aspeed/evb_ast2600a1/Kconfig"
>  source "board/aspeed/ncsi_ast2600a0/Kconfig"
> diff --git a/arch/arm/mach-aspeed/ast2600/spl_boot.c 
> b/arch/arm/mach-aspeed/ast2600/spl_boot.c
> index 58a22f646e08..98cf72bf440d 100644
> --- a/arch/arm/mach-aspeed/ast2600/spl_boot.c
> +++ b/arch/arm/mach-aspeed/ast2600/spl_boot.c
> @@ -42,6 +42,7 @@ static int aspeed_secboot_spl_ram_load_image(struct 
> spl_image_info *spl_image,
>  }
>  SPL_LOAD_IMAGE_METHOD("RAM with Aspeed Secure Boot", 0, 
> ASPEED_SECBOOT_DEVICE_RAM, aspeed_secboot_spl_ram_load_image);

The orthogonal groups of MMC/RAM vs secure/not makes it hard to read :( But it 
looks like your IS_ENABLED(ASPEED_SECBOOT_BL2) #ifdef-ery has missed 
aspeed_secboot_spl_ram_load_image()?

Andrew

Re: [PATCH u-boot v2019.04-aspeed-openbmc v3 2/4] config: ast2600: Reduce SPL image size

[Andrew Jeffery]

On Thu, 28 Jan 2021, at 10:45, Joel Stanley wrote:
> This modifies some features of the SPL to ensure it fits in the 64KB
> payload size once we enable FIT signature verification in the SPL.
> 
> We still build with thumb, as this is selected SYS_THUMB_BUILD (ie, the
> SPL defaults to thumb if u-boot proper is built with thumb).
> 
> The not using the arch memcpy/memset changes save 668 bytes. The tiny
> memset saves 52 bytes. (Anyone who wants to test the runtime impact of
> these changes should do so!)
> 
> The DOS_PARTITION change saves 229 bytes.
> 
> In total, this set of options reduces the binary size by 1105 bytes
> with GCC 10.
> 
> Signed-off-by: Joel Stanley <joel@jms.id.au>

Acked-by: Andrew Jeffery <andrew@aj.id.au>

Re: [PATCH u-boot v2019.04-aspeed-openbmc v3 1/4] ast2600: Allow selection of SPL boot devices

[Joel Stanley]

On Thu, 28 Jan 2021 at 00:51, Andrew Jeffery <andrew@aj.id.au> wrote:
>
>
>
> On Thu, 28 Jan 2021, at 10:45, Joel Stanley wrote:
> > The AST2600 SPL can boot from a number of sources, with or without the
> > AST2600 secure boot feature. It may be desirable to disable some of
> > these, so put them behind the defines for the drivers that are used.
> >
> > Reviewed-by: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
> > Signed-off-by: Joel Stanley <joel@jms.id.au>
> > ---
> >  arch/arm/mach-aspeed/ast2600/Kconfig    | 12 ++++++++++++
> >  arch/arm/mach-aspeed/ast2600/spl_boot.c |  9 +++++++++
> >  2 files changed, 21 insertions(+)
> >
> > diff --git a/arch/arm/mach-aspeed/ast2600/Kconfig
> > b/arch/arm/mach-aspeed/ast2600/Kconfig
> > index dd991e87c795..518f41b558d3 100644
> > --- a/arch/arm/mach-aspeed/ast2600/Kconfig
> > +++ b/arch/arm/mach-aspeed/ast2600/Kconfig
> > @@ -53,6 +53,18 @@ config TARGET_SLT_AST2600
> >
> >  endchoice
> >
> > +config ASPEED_SECBOOT_BL2
> > +     bool "ASPEED secure boot BL2 support"
> > +     depends on ASPEED_AST2600
> > +     help
> > +       Enable ASPEED's "secboot" secure boot support for verifying
> > +       the SPL's playload ("BL2").
> > +
> > +       Enable this is if you're using secure boot support in the AST2600
> > (or similar)
> > +       to verify your u-boot proper.
> > +
> > +       Disable this is if you are using u-boot's vboot to verify u-boot.
> > +
> >  source "board/aspeed/evb_ast2600a0/Kconfig"
> >  source "board/aspeed/evb_ast2600a1/Kconfig"
> >  source "board/aspeed/ncsi_ast2600a0/Kconfig"
> > diff --git a/arch/arm/mach-aspeed/ast2600/spl_boot.c
> > b/arch/arm/mach-aspeed/ast2600/spl_boot.c
> > index 58a22f646e08..98cf72bf440d 100644
> > --- a/arch/arm/mach-aspeed/ast2600/spl_boot.c
> > +++ b/arch/arm/mach-aspeed/ast2600/spl_boot.c
> > @@ -42,6 +42,7 @@ static int aspeed_secboot_spl_ram_load_image(struct
> > spl_image_info *spl_image,
> >  }
> >  SPL_LOAD_IMAGE_METHOD("RAM with Aspeed Secure Boot", 0,
> > ASPEED_SECBOOT_DEVICE_RAM, aspeed_secboot_spl_ram_load_image);
>
> The orthogonal groups of MMC/RAM vs secure/not makes it hard to read :( But it
> looks like your IS_ENABLED(ASPEED_SECBOOT_BL2) #ifdef-ery has missed
> aspeed_secboot_spl_ram_load_image()?

Yeah, it could include that. I'll send a follow up once this series has gone in.

Cheers,

Joel

Re: [PATCH u-boot v2019.04-aspeed-openbmc v3 1/4] ast2600: Allow selection of SPL boot devices

[Andrew Jeffery]

On Thu, 28 Jan 2021, at 11:32, Joel Stanley wrote:
> On Thu, 28 Jan 2021 at 00:51, Andrew Jeffery <andrew@aj.id.au> wrote:
> >
> >
> >
> > On Thu, 28 Jan 2021, at 10:45, Joel Stanley wrote:
> > > The AST2600 SPL can boot from a number of sources, with or without the
> > > AST2600 secure boot feature. It may be desirable to disable some of
> > > these, so put them behind the defines for the drivers that are used.
> > >
> > > Reviewed-by: Klaus Heinrich Kiwi <klaus@linux.vnet.ibm.com>
> > > Signed-off-by: Joel Stanley <joel@jms.id.au>
> > > ---
> > >  arch/arm/mach-aspeed/ast2600/Kconfig    | 12 ++++++++++++
> > >  arch/arm/mach-aspeed/ast2600/spl_boot.c |  9 +++++++++
> > >  2 files changed, 21 insertions(+)
> > >
> > > diff --git a/arch/arm/mach-aspeed/ast2600/Kconfig
> > > b/arch/arm/mach-aspeed/ast2600/Kconfig
> > > index dd991e87c795..518f41b558d3 100644
> > > --- a/arch/arm/mach-aspeed/ast2600/Kconfig
> > > +++ b/arch/arm/mach-aspeed/ast2600/Kconfig
> > > @@ -53,6 +53,18 @@ config TARGET_SLT_AST2600
> > >
> > >  endchoice
> > >
> > > +config ASPEED_SECBOOT_BL2
> > > +     bool "ASPEED secure boot BL2 support"
> > > +     depends on ASPEED_AST2600
> > > +     help
> > > +       Enable ASPEED's "secboot" secure boot support for verifying
> > > +       the SPL's playload ("BL2").
> > > +
> > > +       Enable this is if you're using secure boot support in the AST2600
> > > (or similar)
> > > +       to verify your u-boot proper.
> > > +
> > > +       Disable this is if you are using u-boot's vboot to verify u-boot.
> > > +
> > >  source "board/aspeed/evb_ast2600a0/Kconfig"
> > >  source "board/aspeed/evb_ast2600a1/Kconfig"
> > >  source "board/aspeed/ncsi_ast2600a0/Kconfig"
> > > diff --git a/arch/arm/mach-aspeed/ast2600/spl_boot.c
> > > b/arch/arm/mach-aspeed/ast2600/spl_boot.c
> > > index 58a22f646e08..98cf72bf440d 100644
> > > --- a/arch/arm/mach-aspeed/ast2600/spl_boot.c
> > > +++ b/arch/arm/mach-aspeed/ast2600/spl_boot.c
> > > @@ -42,6 +42,7 @@ static int aspeed_secboot_spl_ram_load_image(struct
> > > spl_image_info *spl_image,
> > >  }
> > >  SPL_LOAD_IMAGE_METHOD("RAM with Aspeed Secure Boot", 0,
> > > ASPEED_SECBOOT_DEVICE_RAM, aspeed_secboot_spl_ram_load_image);
> >
> > The orthogonal groups of MMC/RAM vs secure/not makes it hard to read :( But it
> > looks like your IS_ENABLED(ASPEED_SECBOOT_BL2) #ifdef-ery has missed
> > aspeed_secboot_spl_ram_load_image()?
> 
> Yeah, it could include that. I'll send a follow up once this series has gone in.
> 

Okay, well, on that basis:

Reviewed-by: Andrew Jeffery <andrew@aj.id.au>

Re: [PATCH u-boot v2019.04-aspeed-openbmc v3 4/4] config: ast2600: Enable FIT signature verification

[Andrew Jeffery]

On Thu, 28 Jan 2021, at 10:45, Joel Stanley wrote:
> This turns on FIT signature verification for the OpenBMC SPL
> configuration, for both the SPL and u-boot.
> 
> This enables rsa and sha algorithms for verifying the signature of the
> u-boot FIT when loading it.
> 
> FIT_IMAGE_TINY is selected to save approx 3KB from the image size.
> 
> Signed-off-by: Joel Stanley <joel@jms.id.au>

Acked-by: Andrew Jeffery <andrew@aj.id.au>

Re: [PATCH u-boot v2019.04-aspeed-openbmc v3 0/4] FIT verification

[Joel Stanley]

On Thu, 28 Jan 2021 at 00:15, Joel Stanley <joel@jms.id.au> wrote:
>
> As part of our effort to enable secure boot in openbmc, this turns on
> FIT verification in the SPL and u-boot.
>
> It adjusts the SRAM layout to accommodate the extra code size, moving
> the heap to the non-parity checked 24KB of SRAM.
>
> It also modifies the way the SPL is built, including disabling features.
>
> v3 Reorders the patches to put the size reduction changes first, and
> then enables signature verification to ensure the build can be bisected.
>
> The ymodem disable patch is dropped, as we fit cleanly under the 64KB
> boundary with the feature enabled.
>
> The general cleanup patch is dropped, except for the DOS_PARTITION
> change which was added to the SPL cleanup patch. These cleanups will be
> posted separately at a later date.
>
>            Size   Delta
>  HEAD     44054
>  patch 1  43442    -612
>  patch 2  42337   -1105
>  patch 3  42337       0
>  patch 4  63378  +21041

I've merged this series into the v2019.04-aspeed-openbmc branch and
submitted a bump to gerrit:

 https://gerrit.openbmc-project.xyz/c/openbmc/openbmc/+/40076

Cheers,

Joel