[PATCH v2 10/10] arm: mach-k3: common: re-locate authentication for atf/optee
Manorit Chawdhry
m-chawdhry at ti.com
Fri Apr 14 06:18:01 CEST 2023
For setting up the master firewalls present in the K3 SoCs, the arm64
clusters need to be powered on.
Re-locates the code for atf/optee authentication.
Signed-off-by: Manorit Chawdhry <m-chawdhry at ti.com>
---
arch/arm/mach-k3/common.c | 35 +++++++++++++++++++++++++++++++++--
1 file changed, 33 insertions(+), 2 deletions(-)
diff --git a/arch/arm/mach-k3/common.c b/arch/arm/mach-k3/common.c
index a2adb791f6c0..6a2ba21c4794 100644
--- a/arch/arm/mach-k3/common.c
+++ b/arch/arm/mach-k3/common.c
@@ -227,6 +227,31 @@ void __noreturn jump_to_image_no_args(struct spl_image_info *spl_image)
if (ret)
panic("%s: ATF failed to load on rproc (%d)\n", __func__, ret);
+#if (CONFIG_IS_ENABLED(FIT_IMAGE_POST_PROCESS) && IS_ENABLED(CONFIG_SYS_K3_SPL_ATF))
+ /* Authenticate ATF */
+ void *image_addr = (void *)fit_image_info[IMAGE_ID_ATF].image_start;
+
+ debug("%s: Authenticating image: addr=%lx, size=%ld, os=%s\n", __func__,
+ fit_image_info[IMAGE_ID_ATF].image_start,
+ fit_image_info[IMAGE_ID_ATF].image_len,
+ image_os_match[IMAGE_ID_ATF]);
+
+ ti_secure_image_post_process(&image_addr,
+ (size_t *)&fit_image_info[IMAGE_ID_ATF].image_len);
+
+ /* Authenticate OPTEE */
+ image_addr = (void *)fit_image_info[IMAGE_ID_OPTEE].image_start;
+
+ debug("%s: Authenticating image: addr=%lx, size=%ld, os=%s\n", __func__,
+ fit_image_info[IMAGE_ID_OPTEE].image_start,
+ fit_image_info[IMAGE_ID_OPTEE].image_len,
+ image_os_match[IMAGE_ID_OPTEE]);
+
+ ti_secure_image_post_process(&image_addr,
+ (size_t *)&fit_image_info[IMAGE_ID_OPTEE].image_len);
+
+#endif
+
if (!fit_image_info[IMAGE_ID_DM_FW].image_len &&
!(size > 0 && valid_elf_image(loadaddr))) {
shut_cpu = 1;
@@ -288,9 +313,15 @@ void board_fit_image_post_process(const void *fit, int node, void **p_image,
break;
}
}
+ /*
+ * Only DM and the DTBs are being authenticated here,
+ * rest will be authenticated when A72 cluster is up
+ */
+ if ((i != IMAGE_ID_ATF) && (i != IMAGE_ID_OPTEE))
#endif
-
- ti_secure_image_post_process(p_image, p_size);
+ {
+ ti_secure_image_post_process(p_image, p_size);
+ }
}
#endif
--
2.34.1
More information about the U-Boot
mailing list