| Message ID | 1515209665-615-3-git-send-email-sumit.garg@nxp.com |
|---|---|
| State | Accepted |
| Delegated to: | York Sun |
| Headers | show |
| Series | [U-Boot,v2,1/3] armv8: fsl-layerscape: SPL size reduction | expand |
On 01/05/2018 08:00 AM, Sumit Garg wrote: > Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com> > Signed-off-by: Sumit Garg <sumit.garg@nxp.com> > --- > > Changes in v2: > Rebased to top of master > > arch/arm/include/asm/fsl_secure_boot.h | 16 ++++---- > board/freescale/ls1088a/MAINTAINERS | 5 +++ > .../ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig | 45 ++++++++++++++++++++++ > include/configs/ls1088a_common.h | 15 +++++++- > 4 files changed, 72 insertions(+), 9 deletions(-) > create mode 100644 configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig > > diff --git a/arch/arm/include/asm/fsl_secure_boot.h b/arch/arm/include/asm/fsl_secure_boot.h > index ec6463d..3f30470 100644 > --- a/arch/arm/include/asm/fsl_secure_boot.h > +++ b/arch/arm/include/asm/fsl_secure_boot.h > @@ -26,6 +26,14 @@ > > #define CONFIG_KEY_REVOCATION > > +#if defined(CONFIG_FSL_LAYERSCAPE) > +/* > + * For fsl layerscape based platforms, ESBC image Address in Header > + * is 64 bit. > + */ > +#define CONFIG_ESBC_ADDR_64BIT > +#endif > + > #ifndef CONFIG_SPL_BUILD > #ifndef CONFIG_SYS_RAMBOOT > /* The key used for verification of next level images > @@ -42,14 +50,6 @@ > > #endif > > -#if defined(CONFIG_FSL_LAYERSCAPE) > -/* > - * For fsl layerscape based platforms, ESBC image Address in Header > - * is 64 bit. > - */ > -#define CONFIG_ESBC_ADDR_64BIT > -#endif > - > #ifdef CONFIG_ARCH_LS2080A > #define CONFIG_EXTRA_ENV \ > "setenv fdt_high 0xa0000000;" \ > diff --git a/board/freescale/ls1088a/MAINTAINERS b/board/freescale/ls1088a/MAINTAINERS > index de3961d..371e5db 100644 > --- a/board/freescale/ls1088a/MAINTAINERS > +++ b/board/freescale/ls1088a/MAINTAINERS > @@ -27,3 +27,8 @@ M: Udit Agarwal <udit.agarwal@nxp.com> > M: Vinitha Pillai-B57223 <vinitha.pillai@nxp.com> > S: Maintained > F: configs/ls1088ardb_qspi_SECURE_BOOT_defconfig > + > +LS1088ARDB_SD_SECURE_BOOT BOARD > +M: Sumit Garg <sumit.garg@nxp.com> > +S: Maintained > +F: configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig > diff --git a/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig b/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig > new file mode 100644 > index 0000000..ba90e64 > --- /dev/null > +++ b/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig > @@ -0,0 +1,45 @@ > +CONFIG_ARM=y > +CONFIG_TARGET_LS1088ARDB=y > +CONFIG_SPL_LIBCOMMON_SUPPORT=y > +CONFIG_SPL_LIBGENERIC_SUPPORT=y > +CONFIG_FSL_LS_PPA=y > +CONFIG_SPL_MMC_SUPPORT=y > +CONFIG_SPL_SERIAL_SUPPORT=y > +CONFIG_SPL_DRIVERS_MISC_SUPPORT=y > +CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1088a-rdb" > +CONFIG_DISTRO_DEFAULTS=y > +# CONFIG_SYS_MALLOC_F is not set > +CONFIG_FIT_VERBOSE=y > +CONFIG_OF_BOARD_SETUP=y > +CONFIG_SYS_EXTRA_OPTIONS="SD_BOOT_QSPI" > +CONFIG_SECURE_BOOT=y > +CONFIG_SD_BOOT=y > +# CONFIG_USE_BOOTCOMMAND is not set > +# CONFIG_DISPLAY_BOARDINFO is not set > +CONFIG_SPL=y > +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y > +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x8b0 > +CONFIG_SPL_ENV_SUPPORT=y > +CONFIG_SPL_I2C_SUPPORT=y > +CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y > +CONFIG_CMD_I2C=y > +CONFIG_CMD_MMC=y > +CONFIG_CMD_SF=y > +# CONFIG_CMD_SETEXPR is not set > +CONFIG_OF_CONTROL=y > +CONFIG_ENV_IS_IN_MMC=y This looks wrong. For secure boot you don't use env, do you? If you agree I can drop this line when applying this patch. York
> -----Original Message----- > From: York Sun > Sent: Thursday, January 11, 2018 1:03 AM > To: Sumit Garg <sumit.garg@nxp.com>; u-boot@lists.denx.de > Cc: Ruchika Gupta <ruchika.gupta@nxp.com>; Prabhakar Kushwaha > <prabhakar.kushwaha@nxp.com>; Ashish Kumar <ashish.kumar@nxp.com>; > Udit Agarwal <udit.agarwal@nxp.com> > Subject: Re: [PATCH v2 3/3] ls1088ardb: Add SD Secure boot target support > > On 01/05/2018 08:00 AM, Sumit Garg wrote: > > Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com> > > Signed-off-by: Sumit Garg <sumit.garg@nxp.com> > > --- > > > > Changes in v2: > > Rebased to top of master > > > > arch/arm/include/asm/fsl_secure_boot.h | 16 ++++---- > > board/freescale/ls1088a/MAINTAINERS | 5 +++ > > .../ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig | 45 > ++++++++++++++++++++++ > > include/configs/ls1088a_common.h | 15 +++++++- > > 4 files changed, 72 insertions(+), 9 deletions(-) create mode 100644 > > configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig > > > > diff --git a/arch/arm/include/asm/fsl_secure_boot.h > > b/arch/arm/include/asm/fsl_secure_boot.h > > index ec6463d..3f30470 100644 > > --- a/arch/arm/include/asm/fsl_secure_boot.h > > +++ b/arch/arm/include/asm/fsl_secure_boot.h > > @@ -26,6 +26,14 @@ > > > > #define CONFIG_KEY_REVOCATION > > > > +#if defined(CONFIG_FSL_LAYERSCAPE) > > +/* > > + * For fsl layerscape based platforms, ESBC image Address in Header > > + * is 64 bit. > > + */ > > +#define CONFIG_ESBC_ADDR_64BIT > > +#endif > > + > > #ifndef CONFIG_SPL_BUILD > > #ifndef CONFIG_SYS_RAMBOOT > > /* The key used for verification of next level images @@ -42,14 +50,6 > > @@ > > > > #endif > > > > -#if defined(CONFIG_FSL_LAYERSCAPE) > > -/* > > - * For fsl layerscape based platforms, ESBC image Address in Header > > - * is 64 bit. > > - */ > > -#define CONFIG_ESBC_ADDR_64BIT > > -#endif > > - > > #ifdef CONFIG_ARCH_LS2080A > > #define CONFIG_EXTRA_ENV \ > > "setenv fdt_high 0xa0000000;" \ > > diff --git a/board/freescale/ls1088a/MAINTAINERS > > b/board/freescale/ls1088a/MAINTAINERS > > index de3961d..371e5db 100644 > > --- a/board/freescale/ls1088a/MAINTAINERS > > +++ b/board/freescale/ls1088a/MAINTAINERS > > @@ -27,3 +27,8 @@ M: Udit Agarwal <udit.agarwal@nxp.com> > > M: Vinitha Pillai-B57223 <vinitha.pillai@nxp.com> > > S: Maintained > > F: configs/ls1088ardb_qspi_SECURE_BOOT_defconfig > > + > > +LS1088ARDB_SD_SECURE_BOOT BOARD > > +M: Sumit Garg <sumit.garg@nxp.com> > > +S: Maintained > > +F: configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig > > diff --git a/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig > > b/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig > > new file mode 100644 > > index 0000000..ba90e64 > > --- /dev/null > > +++ b/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig > > @@ -0,0 +1,45 @@ > > +CONFIG_ARM=y > > +CONFIG_TARGET_LS1088ARDB=y > > +CONFIG_SPL_LIBCOMMON_SUPPORT=y > > +CONFIG_SPL_LIBGENERIC_SUPPORT=y > > +CONFIG_FSL_LS_PPA=y > > +CONFIG_SPL_MMC_SUPPORT=y > > +CONFIG_SPL_SERIAL_SUPPORT=y > > +CONFIG_SPL_DRIVERS_MISC_SUPPORT=y > > +CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1088a-rdb" > > +CONFIG_DISTRO_DEFAULTS=y > > +# CONFIG_SYS_MALLOC_F is not set > > +CONFIG_FIT_VERBOSE=y > > +CONFIG_OF_BOARD_SETUP=y > > +CONFIG_SYS_EXTRA_OPTIONS="SD_BOOT_QSPI" > > +CONFIG_SECURE_BOOT=y > > +CONFIG_SD_BOOT=y > > +# CONFIG_USE_BOOTCOMMAND is not set > > +# CONFIG_DISPLAY_BOARDINFO is not set CONFIG_SPL=y > > +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y > > +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x8b0 > > +CONFIG_SPL_ENV_SUPPORT=y > > +CONFIG_SPL_I2C_SUPPORT=y > > +CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y > > +CONFIG_CMD_I2C=y > > +CONFIG_CMD_MMC=y > > +CONFIG_CMD_SF=y > > +# CONFIG_CMD_SETEXPR is not set > > +CONFIG_OF_CONTROL=y > > +CONFIG_ENV_IS_IN_MMC=y > > This looks wrong. For secure boot you don't use env, do you? If you agree I can > drop this line when applying this patch. > > York Yeah I agree with you. Please drop this config. -Sumit
On 01/05/2018 08:00 AM, Sumit Garg wrote: > Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com> > Signed-off-by: Sumit Garg <sumit.garg@nxp.com> > --- > > Changes in v2: > Rebased to top of master Dropped CONFIG_ENV_IS_IN_MMC=y from defconfig file. Applied to fsl-qoriq master. Thanks. York
diff --git a/arch/arm/include/asm/fsl_secure_boot.h b/arch/arm/include/asm/fsl_secure_boot.h index ec6463d..3f30470 100644 --- a/arch/arm/include/asm/fsl_secure_boot.h +++ b/arch/arm/include/asm/fsl_secure_boot.h @@ -26,6 +26,14 @@ #define CONFIG_KEY_REVOCATION +#if defined(CONFIG_FSL_LAYERSCAPE) +/* + * For fsl layerscape based platforms, ESBC image Address in Header + * is 64 bit. + */ +#define CONFIG_ESBC_ADDR_64BIT +#endif + #ifndef CONFIG_SPL_BUILD #ifndef CONFIG_SYS_RAMBOOT /* The key used for verification of next level images @@ -42,14 +50,6 @@ #endif -#if defined(CONFIG_FSL_LAYERSCAPE) -/* - * For fsl layerscape based platforms, ESBC image Address in Header - * is 64 bit. - */ -#define CONFIG_ESBC_ADDR_64BIT -#endif - #ifdef CONFIG_ARCH_LS2080A #define CONFIG_EXTRA_ENV \ "setenv fdt_high 0xa0000000;" \ diff --git a/board/freescale/ls1088a/MAINTAINERS b/board/freescale/ls1088a/MAINTAINERS index de3961d..371e5db 100644 --- a/board/freescale/ls1088a/MAINTAINERS +++ b/board/freescale/ls1088a/MAINTAINERS @@ -27,3 +27,8 @@ M: Udit Agarwal <udit.agarwal@nxp.com> M: Vinitha Pillai-B57223 <vinitha.pillai@nxp.com> S: Maintained F: configs/ls1088ardb_qspi_SECURE_BOOT_defconfig + +LS1088ARDB_SD_SECURE_BOOT BOARD +M: Sumit Garg <sumit.garg@nxp.com> +S: Maintained +F: configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig diff --git a/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig b/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig new file mode 100644 index 0000000..ba90e64 --- /dev/null +++ b/configs/ls1088ardb_sdcard_qspi_SECURE_BOOT_defconfig @@ -0,0 +1,45 @@ +CONFIG_ARM=y +CONFIG_TARGET_LS1088ARDB=y +CONFIG_SPL_LIBCOMMON_SUPPORT=y +CONFIG_SPL_LIBGENERIC_SUPPORT=y +CONFIG_FSL_LS_PPA=y +CONFIG_SPL_MMC_SUPPORT=y +CONFIG_SPL_SERIAL_SUPPORT=y +CONFIG_SPL_DRIVERS_MISC_SUPPORT=y +CONFIG_DEFAULT_DEVICE_TREE="fsl-ls1088a-rdb" +CONFIG_DISTRO_DEFAULTS=y +# CONFIG_SYS_MALLOC_F is not set +CONFIG_FIT_VERBOSE=y +CONFIG_OF_BOARD_SETUP=y +CONFIG_SYS_EXTRA_OPTIONS="SD_BOOT_QSPI" +CONFIG_SECURE_BOOT=y +CONFIG_SD_BOOT=y +# CONFIG_USE_BOOTCOMMAND is not set +# CONFIG_DISPLAY_BOARDINFO is not set +CONFIG_SPL=y +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_USE_SECTOR=y +CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x8b0 +CONFIG_SPL_ENV_SUPPORT=y +CONFIG_SPL_I2C_SUPPORT=y +CONFIG_SPL_MPC8XXX_INIT_DDR_SUPPORT=y +CONFIG_CMD_I2C=y +CONFIG_CMD_MMC=y +CONFIG_CMD_SF=y +# CONFIG_CMD_SETEXPR is not set +CONFIG_OF_CONTROL=y +CONFIG_ENV_IS_IN_MMC=y +CONFIG_NET_RANDOM_ETHADDR=y +CONFIG_DM=y +CONFIG_SPL_DM=y +CONFIG_SCSI_AHCI=y +CONFIG_DM_SPI_FLASH=y +CONFIG_SPI_FLASH=y +CONFIG_NETDEVICES=y +CONFIG_E1000=y +CONFIG_SYS_NS16550=y +CONFIG_DM_SPI=y +CONFIG_FSL_DSPI=y +CONFIG_RSA=y +CONFIG_SPL_RSA=y +CONFIG_SPL_CRYPTO_SUPPORT=y +CONFIG_SPL_HASH_SUPPORT=y diff --git a/include/configs/ls1088a_common.h b/include/configs/ls1088a_common.h index 13b5e8b..e684884 100644 --- a/include/configs/ls1088a_common.h +++ b/include/configs/ls1088a_common.h @@ -254,7 +254,20 @@ unsigned long long get_qixis_addr(void); #define CONFIG_SYS_SPL_MALLOC_SIZE 0x00100000 #define CONFIG_SYS_SPL_MALLOC_START 0x80200000 -#define CONFIG_SYS_MONITOR_LEN (512 * 1024) + +#ifdef CONFIG_SECURE_BOOT +#define CONFIG_U_BOOT_HDR_SIZE (16 << 10) +/* + * HDR would be appended at end of image and copied to DDR along + * with U-Boot image. Here u-boot max. size is 512K. So if binary + * size increases then increase this size in case of secure boot as + * it uses raw u-boot image instead of fit image. + */ +#define CONFIG_SYS_MONITOR_LEN (0x100000 + CONFIG_U_BOOT_HDR_SIZE) +#else +#define CONFIG_SYS_MONITOR_LEN 0x100000 +#endif /* ifdef CONFIG_SECURE_BOOT */ + #endif #define CONFIG_SYS_BOOTM_LEN (64 << 20) /* Increase max gunzip size */