[PATCH] ls1021atwr: caam: Enable Uboot validaion in SPL.
Gaurav Jain
gaurav.jain at nxp.com
Thu Jun 23 13:01:35 CEST 2022
caam driver model enabled in spl for secure boot.
fsl_rsa_mod_exp driver enabled in spl for validating uboot image.
Signed-off-by: Gaurav Jain <gaurav.jain at nxp.com>
---
MAINTAINERS | 1 +
arch/arm/dts/ls1021a-twr-u-boot.dtsi | 29 +++++++++++++++++++++
arch/arm/dts/ls1021a-twr.dtsi | 1 +
board/freescale/common/fsl_chain_of_trust.c | 6 +----
board/freescale/common/fsl_validate.c | 10 ++++++-
board/freescale/ls1021atwr/ls1021atwr.c | 13 +++++++--
6 files changed, 52 insertions(+), 8 deletions(-)
create mode 100644 arch/arm/dts/ls1021a-twr-u-boot.dtsi
diff --git a/MAINTAINERS b/MAINTAINERS
index 28e4d38238..d9bfb307ef 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1450,5 +1450,6 @@ F: */
CAAM
M: Gaurav Jain <gaurav.jain at nxp.com>
S: Maintained
+F: arch/arm/dts/ls1021a-twr-u-boot.dtsi
F: drivers/crypto/fsl/
F: include/fsl_sec.h
diff --git a/arch/arm/dts/ls1021a-twr-u-boot.dtsi b/arch/arm/dts/ls1021a-twr-u-boot.dtsi
new file mode 100644
index 0000000000..3711e42419
--- /dev/null
+++ b/arch/arm/dts/ls1021a-twr-u-boot.dtsi
@@ -0,0 +1,29 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright 2022 NXP
+ */
+
+&{/soc} {
+ u-boot,dm-spl;
+ u-boot,dm-pre-reloc;
+};
+
+&crypto {
+ u-boot,dm-spl;
+};
+
+&sec_jr0 {
+ u-boot,dm-spl;
+};
+
+&sec_jr1 {
+ u-boot,dm-spl;
+};
+
+&sec_jr2 {
+ u-boot,dm-spl;
+};
+
+&sec_jr3 {
+ u-boot,dm-spl;
+};
diff --git a/arch/arm/dts/ls1021a-twr.dtsi b/arch/arm/dts/ls1021a-twr.dtsi
index bf96af7e36..82df2f11bb 100644
--- a/arch/arm/dts/ls1021a-twr.dtsi
+++ b/arch/arm/dts/ls1021a-twr.dtsi
@@ -6,6 +6,7 @@
*/
#include "ls1021a.dtsi"
+#include "ls1021a-twr-u-boot.dtsi"
/ {
model = "LS1021A TWR Board";
diff --git a/board/freescale/common/fsl_chain_of_trust.c b/board/freescale/common/fsl_chain_of_trust.c
index 7ffb315bc9..1b9733cf83 100644
--- a/board/freescale/common/fsl_chain_of_trust.c
+++ b/board/freescale/common/fsl_chain_of_trust.c
@@ -1,6 +1,7 @@
// SPDX-License-Identifier: GPL-2.0+
/*
* Copyright 2015 Freescale Semiconductor, Inc.
+ * Copyright 2022 NXP
*/
#include <common.h>
@@ -113,11 +114,6 @@ void spl_validate_uboot(uint32_t hdr_addr, uintptr_t img_addr)
fsl_secboot_handle_error(ERROR_ESBC_PAMU_INIT);
#endif
-#ifdef CONFIG_FSL_CAAM
- if (sec_init() < 0)
- fsl_secboot_handle_error(ERROR_ESBC_SEC_INIT);
-#endif
-
/*
* dm_init_and_scan() is called as part of common SPL framework, so no
* need to call it again but in case of powerpc platforms which currently
diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c
index 34875d0b8f..569a8c4655 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -1,7 +1,7 @@
// SPDX-License-Identifier: GPL-2.0+
/*
* Copyright 2015 Freescale Semiconductor, Inc.
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
*/
#include <common.h>
@@ -20,6 +20,7 @@
#ifdef CONFIG_ARCH_LS1021A
#include <asm/arch/immap_ls102xa.h>
#endif
+#include <dm/lists.h>
#define SHA256_BITS 256
#define SHA256_BYTES (256/8)
@@ -806,6 +807,13 @@ static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
prop.num_bits = key_len * 8;
prop.exp_len = key_len;
+#if defined(CONFIG_SPL_BUILD)
+ ret = device_bind_driver(NULL, "fsl_rsa_mod_exp", "fsl_rsa_mod_exp", NULL);
+ if (ret) {
+ printf("Couldn't bind fsl_rsa_mod_exp driver (%d)\n", ret);
+ return -EINVAL;
+ }
+#endif
ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
if (ret) {
printf("RSA: Can't find Modular Exp implementation\n");
diff --git a/board/freescale/ls1021atwr/ls1021atwr.c b/board/freescale/ls1021atwr/ls1021atwr.c
index a3aa84deb2..746b35a678 100644
--- a/board/freescale/ls1021atwr/ls1021atwr.c
+++ b/board/freescale/ls1021atwr/ls1021atwr.c
@@ -1,7 +1,7 @@
// SPDX-License-Identifier: GPL-2.0+
/*
* Copyright 2014 Freescale Semiconductor, Inc.
- * Copyright 2019, 2021 NXP
+ * Copyright 2019, 2021-2022 NXP
*/
#include <common.h>
@@ -34,7 +34,7 @@
#include <fsl_qe.h>
#endif
#include <fsl_validate.h>
-
+#include <dm/uclass.h>
DECLARE_GLOBAL_DATA_PTR;
@@ -530,6 +530,15 @@ int board_init(void)
#if defined(CONFIG_SPL_BUILD)
void spl_board_init(void)
{
+ if (IS_ENABLED(CONFIG_FSL_CAAM)) {
+ struct udevice *dev;
+ int ret;
+
+ ret = uclass_get_device_by_driver(UCLASS_MISC, DM_DRIVER_GET(caam_jr), &dev);
+ if (ret)
+ printf("Failed to initialize caam_jr: %d\n", ret);
+ }
+
ls102xa_smmu_stream_id_init();
}
#endif
--
2.25.1
More information about the U-Boot
mailing list