[PATCH] ls1021atwr: caam: Enable Uboot validaion in SPL.

Gaurav Jain gaurav.jain at nxp.com
Thu Jun 23 13:01:35 CEST 2022


caam driver model enabled in spl for secure boot.
fsl_rsa_mod_exp driver enabled in spl for validating uboot image.

Signed-off-by: Gaurav Jain <gaurav.jain at nxp.com>
---
 MAINTAINERS                                 |  1 +
 arch/arm/dts/ls1021a-twr-u-boot.dtsi        | 29 +++++++++++++++++++++
 arch/arm/dts/ls1021a-twr.dtsi               |  1 +
 board/freescale/common/fsl_chain_of_trust.c |  6 +----
 board/freescale/common/fsl_validate.c       | 10 ++++++-
 board/freescale/ls1021atwr/ls1021atwr.c     | 13 +++++++--
 6 files changed, 52 insertions(+), 8 deletions(-)
 create mode 100644 arch/arm/dts/ls1021a-twr-u-boot.dtsi

diff --git a/MAINTAINERS b/MAINTAINERS
index 28e4d38238..d9bfb307ef 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1450,5 +1450,6 @@ F:	*/
 CAAM
 M:	Gaurav Jain <gaurav.jain at nxp.com>
 S:	Maintained
+F:	arch/arm/dts/ls1021a-twr-u-boot.dtsi
 F:	drivers/crypto/fsl/
 F:	include/fsl_sec.h
diff --git a/arch/arm/dts/ls1021a-twr-u-boot.dtsi b/arch/arm/dts/ls1021a-twr-u-boot.dtsi
new file mode 100644
index 0000000000..3711e42419
--- /dev/null
+++ b/arch/arm/dts/ls1021a-twr-u-boot.dtsi
@@ -0,0 +1,29 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright 2022 NXP
+ */
+
+&{/soc} {
+	u-boot,dm-spl;
+	u-boot,dm-pre-reloc;
+};
+
+&crypto {
+	u-boot,dm-spl;
+};
+
+&sec_jr0 {
+	u-boot,dm-spl;
+};
+
+&sec_jr1 {
+	u-boot,dm-spl;
+};
+
+&sec_jr2 {
+	u-boot,dm-spl;
+};
+
+&sec_jr3 {
+	u-boot,dm-spl;
+};
diff --git a/arch/arm/dts/ls1021a-twr.dtsi b/arch/arm/dts/ls1021a-twr.dtsi
index bf96af7e36..82df2f11bb 100644
--- a/arch/arm/dts/ls1021a-twr.dtsi
+++ b/arch/arm/dts/ls1021a-twr.dtsi
@@ -6,6 +6,7 @@
  */
 
 #include "ls1021a.dtsi"
+#include "ls1021a-twr-u-boot.dtsi"
 
 / {
 	model = "LS1021A TWR Board";
diff --git a/board/freescale/common/fsl_chain_of_trust.c b/board/freescale/common/fsl_chain_of_trust.c
index 7ffb315bc9..1b9733cf83 100644
--- a/board/freescale/common/fsl_chain_of_trust.c
+++ b/board/freescale/common/fsl_chain_of_trust.c
@@ -1,6 +1,7 @@
 // SPDX-License-Identifier: GPL-2.0+
 /*
  * Copyright 2015 Freescale Semiconductor, Inc.
+ * Copyright 2022 NXP
  */
 
 #include <common.h>
@@ -113,11 +114,6 @@ void spl_validate_uboot(uint32_t hdr_addr, uintptr_t img_addr)
 		fsl_secboot_handle_error(ERROR_ESBC_PAMU_INIT);
 #endif
 
-#ifdef CONFIG_FSL_CAAM
-	if (sec_init() < 0)
-		fsl_secboot_handle_error(ERROR_ESBC_SEC_INIT);
-#endif
-
 /*
  * dm_init_and_scan() is called as part of common SPL framework, so no
  * need to call it again but in case of powerpc platforms which currently
diff --git a/board/freescale/common/fsl_validate.c b/board/freescale/common/fsl_validate.c
index 34875d0b8f..569a8c4655 100644
--- a/board/freescale/common/fsl_validate.c
+++ b/board/freescale/common/fsl_validate.c
@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: GPL-2.0+
 /*
  * Copyright 2015 Freescale Semiconductor, Inc.
- * Copyright 2021 NXP
+ * Copyright 2021-2022 NXP
  */
 
 #include <common.h>
@@ -20,6 +20,7 @@
 #ifdef CONFIG_ARCH_LS1021A
 #include <asm/arch/immap_ls102xa.h>
 #endif
+#include <dm/lists.h>
 
 #define SHA256_BITS	256
 #define SHA256_BYTES	(256/8)
@@ -806,6 +807,13 @@ static int calculate_cmp_img_sig(struct fsl_secboot_img_priv *img)
 	prop.num_bits = key_len * 8;
 	prop.exp_len = key_len;
 
+#if defined(CONFIG_SPL_BUILD)
+	ret = device_bind_driver(NULL, "fsl_rsa_mod_exp", "fsl_rsa_mod_exp", NULL);
+	if (ret) {
+		printf("Couldn't bind fsl_rsa_mod_exp driver (%d)\n", ret);
+		return -EINVAL;
+	}
+#endif
 	ret = uclass_get_device(UCLASS_MOD_EXP, 0, &mod_exp_dev);
 	if (ret) {
 		printf("RSA: Can't find Modular Exp implementation\n");
diff --git a/board/freescale/ls1021atwr/ls1021atwr.c b/board/freescale/ls1021atwr/ls1021atwr.c
index a3aa84deb2..746b35a678 100644
--- a/board/freescale/ls1021atwr/ls1021atwr.c
+++ b/board/freescale/ls1021atwr/ls1021atwr.c
@@ -1,7 +1,7 @@
 // SPDX-License-Identifier: GPL-2.0+
 /*
  * Copyright 2014 Freescale Semiconductor, Inc.
- * Copyright 2019, 2021 NXP
+ * Copyright 2019, 2021-2022 NXP
  */
 
 #include <common.h>
@@ -34,7 +34,7 @@
 #include <fsl_qe.h>
 #endif
 #include <fsl_validate.h>
-
+#include <dm/uclass.h>
 
 DECLARE_GLOBAL_DATA_PTR;
 
@@ -530,6 +530,15 @@ int board_init(void)
 #if defined(CONFIG_SPL_BUILD)
 void spl_board_init(void)
 {
+	if (IS_ENABLED(CONFIG_FSL_CAAM)) {
+		struct udevice *dev;
+		int ret;
+
+		ret = uclass_get_device_by_driver(UCLASS_MISC, DM_DRIVER_GET(caam_jr), &dev);
+		if (ret)
+			printf("Failed to initialize caam_jr: %d\n", ret);
+	}
+
 	ls102xa_smmu_stream_id_init();
 }
 #endif
-- 
2.25.1



More information about the U-Boot mailing list