| Message ID | 20231011110932.4425-4-sebastien.szymanski@armadeus.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series | i.MX91 and i.MX93 support | expand |
Hi, On Wed, Oct 11, 2023 at 01:09:31PM +0200, Sébastien Szymanski wrote: > This package provides firmware blobs for the i.MX9 Edgelock secure > enclave (ELE). This actually not only for i.MX 9 but also for i.MX 8ULP. I suggest adding the release this version comes from (6.1.36-2.1.0). > Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com> > --- > package/freescale-imx/Config.in | 1 + > .../freescale-imx/firmware-sentinel/Config.in | 34 +++++++++++++++++++ > .../firmware-sentinel/firmware-sentinel.hash | 4 +++ > .../firmware-sentinel/firmware-sentinel.mk | 27 +++++++++++++++ > 4 files changed, 66 insertions(+) > create mode 100644 package/freescale-imx/firmware-sentinel/Config.in > create mode 100644 package/freescale-imx/firmware-sentinel/firmware-sentinel.hash > create mode 100644 package/freescale-imx/firmware-sentinel/firmware-sentinel.mk > > diff --git a/package/freescale-imx/Config.in b/package/freescale-imx/Config.in > index 192b1c0d70d1..4d31bcc4f4cf 100644 > --- a/package/freescale-imx/Config.in > +++ b/package/freescale-imx/Config.in > @@ -126,6 +126,7 @@ source "package/freescale-imx/imx-vpu/Config.in" > source "package/freescale-imx/imx-vpu-hantro/Config.in" > source "package/freescale-imx/imx-vpuwrap/Config.in" > source "package/freescale-imx/firmware-imx/Config.in" > +source "package/freescale-imx/firmware-sentinel/Config.in" > source "package/freescale-imx/imx-sc-firmware/Config.in" > source "package/freescale-imx/imx-seco/Config.in" > source "package/freescale-imx/imx-vpu-hantro-daemon/Config.in" > diff --git a/package/freescale-imx/firmware-sentinel/Config.in b/package/freescale-imx/firmware-sentinel/Config.in > new file mode 100644 > index 000000000000..9ceecd5a39dc > --- /dev/null > +++ b/package/freescale-imx/firmware-sentinel/Config.in > @@ -0,0 +1,34 @@ > +config BR2_PACKAGE_FIRMWARE_SENTINEL > + bool "firmware-sentinel" > + depends on BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX91 || \ > + BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX93 > + help > + Firmware blobs for the i.MX9 Edgelock secure enclave (ELE). ditto. > + This library is provided by Freescale as-is and doesn't have > + an upstream. s/Freescale/NXP/ > +if BR2_PACKAGE_FIRMWARE_SENTINEL > + > +choice > + prompt "i.MX Sentinel Firmware Release" > + help > + Select the appropriate ahab container image to install > + to match the iMX asics revision. > + > + Note - mismatches result in a failure to boot > + > +config BR2_PACKAGE_FIRMWARE_SENTINEL_A0 > + bool "A0" > + > +config BR2_PACKAGE_FIRMWARE_SENTINEL_A1 > + bool "A1" > + > +endchoice I don't think this is the right approach as this package exists for several CPU types (8ULP & 93). Moreover, for the 8ULP, which I plan on adding soon-ish, there is even more revisions which are used in more than 1 package (firmware-upower). Also, that revision really is a Silicon version more than a firmware release like the title suggests. Overall, my suggestion would be to move the Silicon version to freescale-imx/Config.in to be selected at the same time the CPU is selected. Also, the default Silicon revision should always be the latest. > +config BR2_PACKAGE_FIRMWARE_SENTINEL_AHAB_CONTAINER_IMAGE > + string > + default "mx93a0-ahab-container.img" if BR2_PACKAGE_FIRMWARE_SENTINEL_A0 > + default "mx93a1-ahab-container.img" if BR2_PACKAGE_FIRMWARE_SENTINEL_A1 > + > +endif # BR2_PACKAGE_FIRMWARE_SENTINEL > diff --git a/package/freescale-imx/firmware-sentinel/firmware-sentinel.hash b/package/freescale-imx/firmware-sentinel/firmware-sentinel.hash > new file mode 100644 > index 000000000000..1a9ff0543250 > --- /dev/null > +++ b/package/freescale-imx/firmware-sentinel/firmware-sentinel.hash > @@ -0,0 +1,4 @@ > +# Locally calculated > +sha256 269480417a8ae9aa4cc4101ab947287fc33455a931021dbdc4d9badb5212bceb firmware-sentinel-0.11.bin > +sha256 de37a0bcbf1717b910c1a53ea6eab853c404e61e8143bb6c081d39f532571e54 COPYING > +sha256 c800aaca3a7e9f470d99d7cde0a48c95982ed601d4c306f7b8f43f3710054f28 SCR.txt > diff --git a/package/freescale-imx/firmware-sentinel/firmware-sentinel.mk b/package/freescale-imx/firmware-sentinel/firmware-sentinel.mk > new file mode 100644 > index 000000000000..f68467194cbc > --- /dev/null > +++ b/package/freescale-imx/firmware-sentinel/firmware-sentinel.mk > @@ -0,0 +1,27 @@ > +################################################################################ > +# > +# firmware-sentinel > +# > +################################################################################ > + > +FIRMWARE_SENTINEL_VERSION = 0.11 > +FIRMWARE_SENTINEL_SITE = $(FREESCALE_IMX_SITE) > +FIRMWARE_SENTINEL_SOURCE = firmware-sentinel-$(FIRMWARE_SENTINEL_VERSION).bin > + > +FIRMWARE_SENTINEL_LICENSE = NXP Semiconductor Software License Agreement > +FIRMWARE_SENTINEL_LICENSE_FILES = COPYING SCR.txt > +FIRMWARE_SENTINEL_REDISTRIBUTE = NO > + > +FIRMWARE_SENTINEL_INSTALL_IMAGES = YES > + > +define FIRMWARE_SENTINEL_EXTRACT_CMDS > + $(call NXP_EXTRACT_HELPER,$(FIRMWARE_SENTINEL_DL_DIR)/$(FIRMWARE_SENTINEL_SOURCE)) > +endef > + > +FIRMWARE_SENTINEL_AHAB_CONTAINER_IMAGE = $(call qstrip,$(BR2_PACKAGE_FIRMWARE_SENTINEL_AHAB_CONTAINER_IMAGE)) > + > +define FIRMWARE_SENTINEL_INSTALL_IMAGES_CMDS > + cp $(@D)/$(FIRMWARE_SENTINEL_AHAB_CONTAINER_IMAGE) $(BINARIES_DIR)/ahab-container.img > +endef > + > +$(eval $(generic-package)) The rest of the patch looks good! Thanks, Gary
diff --git a/package/freescale-imx/Config.in b/package/freescale-imx/Config.in index 192b1c0d70d1..4d31bcc4f4cf 100644 --- a/package/freescale-imx/Config.in +++ b/package/freescale-imx/Config.in @@ -126,6 +126,7 @@ source "package/freescale-imx/imx-vpu/Config.in" source "package/freescale-imx/imx-vpu-hantro/Config.in" source "package/freescale-imx/imx-vpuwrap/Config.in" source "package/freescale-imx/firmware-imx/Config.in" +source "package/freescale-imx/firmware-sentinel/Config.in" source "package/freescale-imx/imx-sc-firmware/Config.in" source "package/freescale-imx/imx-seco/Config.in" source "package/freescale-imx/imx-vpu-hantro-daemon/Config.in" diff --git a/package/freescale-imx/firmware-sentinel/Config.in b/package/freescale-imx/firmware-sentinel/Config.in new file mode 100644 index 000000000000..9ceecd5a39dc --- /dev/null +++ b/package/freescale-imx/firmware-sentinel/Config.in @@ -0,0 +1,34 @@ +config BR2_PACKAGE_FIRMWARE_SENTINEL + bool "firmware-sentinel" + depends on BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX91 || \ + BR2_PACKAGE_FREESCALE_IMX_PLATFORM_IMX93 + help + Firmware blobs for the i.MX9 Edgelock secure enclave (ELE). + + This library is provided by Freescale as-is and doesn't have + an upstream. + +if BR2_PACKAGE_FIRMWARE_SENTINEL + +choice + prompt "i.MX Sentinel Firmware Release" + help + Select the appropriate ahab container image to install + to match the iMX asics revision. + + Note - mismatches result in a failure to boot + +config BR2_PACKAGE_FIRMWARE_SENTINEL_A0 + bool "A0" + +config BR2_PACKAGE_FIRMWARE_SENTINEL_A1 + bool "A1" + +endchoice + +config BR2_PACKAGE_FIRMWARE_SENTINEL_AHAB_CONTAINER_IMAGE + string + default "mx93a0-ahab-container.img" if BR2_PACKAGE_FIRMWARE_SENTINEL_A0 + default "mx93a1-ahab-container.img" if BR2_PACKAGE_FIRMWARE_SENTINEL_A1 + +endif # BR2_PACKAGE_FIRMWARE_SENTINEL diff --git a/package/freescale-imx/firmware-sentinel/firmware-sentinel.hash b/package/freescale-imx/firmware-sentinel/firmware-sentinel.hash new file mode 100644 index 000000000000..1a9ff0543250 --- /dev/null +++ b/package/freescale-imx/firmware-sentinel/firmware-sentinel.hash @@ -0,0 +1,4 @@ +# Locally calculated +sha256 269480417a8ae9aa4cc4101ab947287fc33455a931021dbdc4d9badb5212bceb firmware-sentinel-0.11.bin +sha256 de37a0bcbf1717b910c1a53ea6eab853c404e61e8143bb6c081d39f532571e54 COPYING +sha256 c800aaca3a7e9f470d99d7cde0a48c95982ed601d4c306f7b8f43f3710054f28 SCR.txt diff --git a/package/freescale-imx/firmware-sentinel/firmware-sentinel.mk b/package/freescale-imx/firmware-sentinel/firmware-sentinel.mk new file mode 100644 index 000000000000..f68467194cbc --- /dev/null +++ b/package/freescale-imx/firmware-sentinel/firmware-sentinel.mk @@ -0,0 +1,27 @@ +################################################################################ +# +# firmware-sentinel +# +################################################################################ + +FIRMWARE_SENTINEL_VERSION = 0.11 +FIRMWARE_SENTINEL_SITE = $(FREESCALE_IMX_SITE) +FIRMWARE_SENTINEL_SOURCE = firmware-sentinel-$(FIRMWARE_SENTINEL_VERSION).bin + +FIRMWARE_SENTINEL_LICENSE = NXP Semiconductor Software License Agreement +FIRMWARE_SENTINEL_LICENSE_FILES = COPYING SCR.txt +FIRMWARE_SENTINEL_REDISTRIBUTE = NO + +FIRMWARE_SENTINEL_INSTALL_IMAGES = YES + +define FIRMWARE_SENTINEL_EXTRACT_CMDS + $(call NXP_EXTRACT_HELPER,$(FIRMWARE_SENTINEL_DL_DIR)/$(FIRMWARE_SENTINEL_SOURCE)) +endef + +FIRMWARE_SENTINEL_AHAB_CONTAINER_IMAGE = $(call qstrip,$(BR2_PACKAGE_FIRMWARE_SENTINEL_AHAB_CONTAINER_IMAGE)) + +define FIRMWARE_SENTINEL_INSTALL_IMAGES_CMDS + cp $(@D)/$(FIRMWARE_SENTINEL_AHAB_CONTAINER_IMAGE) $(BINARIES_DIR)/ahab-container.img +endef + +$(eval $(generic-package))
This package provides firmware blobs for the i.MX9 Edgelock secure enclave (ELE). Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com> --- package/freescale-imx/Config.in | 1 + .../freescale-imx/firmware-sentinel/Config.in | 34 +++++++++++++++++++ .../firmware-sentinel/firmware-sentinel.hash | 4 +++ .../firmware-sentinel/firmware-sentinel.mk | 27 +++++++++++++++ 4 files changed, 66 insertions(+) create mode 100644 package/freescale-imx/firmware-sentinel/Config.in create mode 100644 package/freescale-imx/firmware-sentinel/firmware-sentinel.hash create mode 100644 package/freescale-imx/firmware-sentinel/firmware-sentinel.mk