| Message ID | 20220506043759.8193-1-n-francis@ti.com |
|---|---|
| Headers | show |
| Series | Integration of sysfw, tispl and tiboot3 | expand |
On Fri, May 06, 2022 at 10:07:48AM +0530, Neha Malcom Francis wrote: > Devices that belong to the K3 architecture require SYSFW which is a FIT > image consisting of a signed system firmware image and board config > binaries. > > Board config binaries are needed to bring up SYSFW during U-Boot SPL > startup. The board config data is given in YAML as input. These board > configs contain board-specific information such as resource management, > power management and security. > > The following series intends to plumb the system firmware generation > into U-Boot using binman for packaging. Thus it will eliminate the need > for additional custom repositories for SYSFW generation and also moves t > owards the community standard build flow. We use binman to package > tiboot3.bin and sysfw.itb images. > > These images also require x509 certificates which are created using the > etype x509-cert. > > The series also plumbs the generation of tispl.bin into the build flow. > This image is required for loading u-boot in K3 devices. The image is > packaged using ATF, OPTEE and DM (Device Manager). > > Please note that the following series has implemented the above for > J721E general purpose board. The board configs and device trees added > are specific to J721E GP devices. > > Also note the introduction of three new etypes: ti-sysfw, ti-dm and > x509-cert. > > On running CI tests on Github, errors were produced during world builds > of keystone2_keystone3 and siemens (I0T2050 which is based on AM65x). > This patch series is intended for only J721E and future work is to expand > to the remaining K3 devices as well. The errors that come are mainly due > to the boards other than J721E trying to generate tispl.bin. > > v2: > - Added etype x509-cert for creating x509 Texas Instruments certificate > binary > - Added packaging of tiboot3.bin > - Packaging of tiboot3.bin and sysfw.itb using new etype x509 > - sysfw --> ti-sysfw > - Reformatted and re-arranged patches > - Removed k3_fit_atf.sh and k3_gen_x509_cert.sh as their functionality > is provided by binman now > > Neha Malcom Francis (11): > j721e_evm: schema: yaml: Add general schema and J721E board config > files > ti: tools: config: Add board config class to generate config binaries > ti: etype: sysfw: Add entry type for sysfw > ti: etype: dm: Add entry type for TI DM > ti: etype: x509: Add etype for x509 certificate for K3 devices > ti: sysfw: Add support for packaging sysfw.itb > ti: tiboot3.bin: Remove tiboot3.bin target from makefile > ti: tispl.bin: Removed script that packages tispl.bin > ti: x509: Remove shell script used for signing > ti: dtsi: j721e: Use binman to package sysfw.itb and tiboot3.bin > ti: dtsi: j721e: Use binman to package tispl.bin > > Makefile | 2 + > arch/arm/dts/k3-j721e-a72-binman.dtsi | 86 + > .../k3-j721e-common-proc-board-u-boot.dtsi | 1 + > arch/arm/dts/k3-j721e-r5-binman.dtsi | 88 + > .../k3-j721e-r5-common-proc-board-u-boot.dtsi | 1 + > arch/arm/mach-k3/config.mk | 64 +- > board/ti/common/schema.yaml | 355 ++ > board/ti/j721e/Kconfig | 2 + > board/ti/j721e/config.yaml | 3162 +++++++++++++++++ > scripts/Makefile.spl | 4 - > test/py/requirements.txt | 1 + > tools/binman/entries.rst | 36 + > tools/binman/etype/ti_dm.py | 23 + > tools/binman/etype/ti_sysfw.py | 28 + > tools/binman/etype/x509_cert.py | 248 ++ > tools/binman/ftest.py | 21 + > tools/binman/test/225_ti_dm.dts | 13 + > tools/binman/test/232_ti_sysfw.dts | 13 + > tools/binman/test/232_x509_cert.dts | 18 + > tools/k3_fit_atf.sh | 123 - > tools/k3_gen_x509_cert.sh | 252 -- > tools/tibcfg_gen.py | 114 + > 22 files changed, 4227 insertions(+), 428 deletions(-) > create mode 100644 arch/arm/dts/k3-j721e-a72-binman.dtsi > create mode 100644 arch/arm/dts/k3-j721e-r5-binman.dtsi > create mode 100644 board/ti/common/schema.yaml > create mode 100644 board/ti/j721e/config.yaml > create mode 100644 tools/binman/etype/ti_dm.py > create mode 100644 tools/binman/etype/ti_sysfw.py > create mode 100644 tools/binman/etype/x509_cert.py > create mode 100644 tools/binman/test/225_ti_dm.dts > create mode 100644 tools/binman/test/232_ti_sysfw.dts > create mode 100644 tools/binman/test/232_x509_cert.dts > delete mode 100755 tools/k3_fit_atf.sh > delete mode 100755 tools/k3_gen_x509_cert.sh > create mode 100644 tools/tibcfg_gen.py Adding the other binman maintainer..
On 10/05/2022 23:05, Tom Rini wrote:
> Adding the other binman maintainer..
Thanks. I haven't been able to focus on anything for a while. I'll try
to review the few series that have accumulated, maybe can manage this
week or so if things go well. Just wanted to send an update.
Hi, On 06/05/2022 07:37, Neha Malcom Francis wrote: > Devices that belong to the K3 architecture require SYSFW which is a FIT > image consisting of a signed system firmware image and board config > binaries. > > Board config binaries are needed to bring up SYSFW during U-Boot SPL > startup. The board config data is given in YAML as input. These board > configs contain board-specific information such as resource management, > power management and security. > > The following series intends to plumb the system firmware generation > into U-Boot using binman for packaging. Thus it will eliminate the need > for additional custom repositories for SYSFW generation and also moves t > owards the community standard build flow. We use binman to package > tiboot3.bin and sysfw.itb images. > > These images also require x509 certificates which are created using the > etype x509-cert. > > The series also plumbs the generation of tispl.bin into the build flow. > This image is required for loading u-boot in K3 devices. The image is > packaged using ATF, OPTEE and DM (Device Manager). > > Please note that the following series has implemented the above for > J721E general purpose board. The board configs and device trees added > are specific to J721E GP devices. > > Also note the introduction of three new etypes: ti-sysfw, ti-dm and > x509-cert. > > On running CI tests on Github, errors were produced during world builds > of keystone2_keystone3 and siemens (I0T2050 which is based on AM65x). > This patch series is intended for only J721E and future work is to expand > to the remaining K3 devices as well. The errors that come are mainly due > to the boards other than J721E trying to generate tispl.bin. You will have to implement it such that none of the existing board build/functionality breaks. Otherwise it will be impossible to get this merged. Is this series tested for High-Security (HS) J721E as well? cheers, -roger > > v2: > - Added etype x509-cert for creating x509 Texas Instruments certificate > binary > - Added packaging of tiboot3.bin > - Packaging of tiboot3.bin and sysfw.itb using new etype x509 > - sysfw --> ti-sysfw > - Reformatted and re-arranged patches > - Removed k3_fit_atf.sh and k3_gen_x509_cert.sh as their functionality > is provided by binman now > > Neha Malcom Francis (11): > j721e_evm: schema: yaml: Add general schema and J721E board config > files > ti: tools: config: Add board config class to generate config binaries > ti: etype: sysfw: Add entry type for sysfw > ti: etype: dm: Add entry type for TI DM > ti: etype: x509: Add etype for x509 certificate for K3 devices > ti: sysfw: Add support for packaging sysfw.itb > ti: tiboot3.bin: Remove tiboot3.bin target from makefile > ti: tispl.bin: Removed script that packages tispl.bin > ti: x509: Remove shell script used for signing > ti: dtsi: j721e: Use binman to package sysfw.itb and tiboot3.bin > ti: dtsi: j721e: Use binman to package tispl.bin > > Makefile | 2 + > arch/arm/dts/k3-j721e-a72-binman.dtsi | 86 + > .../k3-j721e-common-proc-board-u-boot.dtsi | 1 + > arch/arm/dts/k3-j721e-r5-binman.dtsi | 88 + > .../k3-j721e-r5-common-proc-board-u-boot.dtsi | 1 + > arch/arm/mach-k3/config.mk | 64 +- > board/ti/common/schema.yaml | 355 ++ > board/ti/j721e/Kconfig | 2 + > board/ti/j721e/config.yaml | 3162 +++++++++++++++++ > scripts/Makefile.spl | 4 - > test/py/requirements.txt | 1 + > tools/binman/entries.rst | 36 + > tools/binman/etype/ti_dm.py | 23 + > tools/binman/etype/ti_sysfw.py | 28 + > tools/binman/etype/x509_cert.py | 248 ++ > tools/binman/ftest.py | 21 + > tools/binman/test/225_ti_dm.dts | 13 + > tools/binman/test/232_ti_sysfw.dts | 13 + > tools/binman/test/232_x509_cert.dts | 18 + > tools/k3_fit_atf.sh | 123 - > tools/k3_gen_x509_cert.sh | 252 -- > tools/tibcfg_gen.py | 114 + > 22 files changed, 4227 insertions(+), 428 deletions(-) > create mode 100644 arch/arm/dts/k3-j721e-a72-binman.dtsi > create mode 100644 arch/arm/dts/k3-j721e-r5-binman.dtsi > create mode 100644 board/ti/common/schema.yaml > create mode 100644 board/ti/j721e/config.yaml > create mode 100644 tools/binman/etype/ti_dm.py > create mode 100644 tools/binman/etype/ti_sysfw.py > create mode 100644 tools/binman/etype/x509_cert.py > create mode 100644 tools/binman/test/225_ti_dm.dts > create mode 100644 tools/binman/test/232_ti_sysfw.dts > create mode 100644 tools/binman/test/232_x509_cert.dts > delete mode 100755 tools/k3_fit_atf.sh > delete mode 100755 tools/k3_gen_x509_cert.sh > create mode 100644 tools/tibcfg_gen.py >
Hi Roger, On 31/05/22 13:51, Roger Quadros wrote: > Hi, > > On 06/05/2022 07:37, Neha Malcom Francis wrote: >> Devices that belong to the K3 architecture require SYSFW which is a FIT >> image consisting of a signed system firmware image and board config >> binaries. >> >> Board config binaries are needed to bring up SYSFW during U-Boot SPL >> startup. The board config data is given in YAML as input. These board >> configs contain board-specific information such as resource management, >> power management and security. >> >> The following series intends to plumb the system firmware generation >> into U-Boot using binman for packaging. Thus it will eliminate the need >> for additional custom repositories for SYSFW generation and also moves t >> owards the community standard build flow. We use binman to package >> tiboot3.bin and sysfw.itb images. >> >> These images also require x509 certificates which are created using the >> etype x509-cert. >> >> The series also plumbs the generation of tispl.bin into the build flow. >> This image is required for loading u-boot in K3 devices. The image is >> packaged using ATF, OPTEE and DM (Device Manager). >> >> Please note that the following series has implemented the above for >> J721E general purpose board. The board configs and device trees added >> are specific to J721E GP devices. >> >> Also note the introduction of three new etypes: ti-sysfw, ti-dm and >> x509-cert. >> >> On running CI tests on Github, errors were produced during world builds >> of keystone2_keystone3 and siemens (I0T2050 which is based on AM65x). >> This patch series is intended for only J721E and future work is to expand >> to the remaining K3 devices as well. The errors that come are mainly due >> to the boards other than J721E trying to generate tispl.bin. > > You will have to implement it such that none of the existing board build/functionality > breaks. Otherwise it will be impossible to get this merged. > > Is this series tested for High-Security (HS) J721E as well? > > cheers, > -roger > I've noted this and the other comments you've mentioned in the rest of the series regarding not breaking any of the existing board functionalities. I'll make the necessary changes and send across a new patch for the same. No this series is intended for only General Purpose J721E devices. >> >> v2: >> - Added etype x509-cert for creating x509 Texas Instruments certificate >> binary >> - Added packaging of tiboot3.bin >> - Packaging of tiboot3.bin and sysfw.itb using new etype x509 >> - sysfw --> ti-sysfw >> - Reformatted and re-arranged patches >> - Removed k3_fit_atf.sh and k3_gen_x509_cert.sh as their functionality >> is provided by binman now >> >> Neha Malcom Francis (11): >> j721e_evm: schema: yaml: Add general schema and J721E board config >> files >> ti: tools: config: Add board config class to generate config binaries >> ti: etype: sysfw: Add entry type for sysfw >> ti: etype: dm: Add entry type for TI DM >> ti: etype: x509: Add etype for x509 certificate for K3 devices >> ti: sysfw: Add support for packaging sysfw.itb >> ti: tiboot3.bin: Remove tiboot3.bin target from makefile >> ti: tispl.bin: Removed script that packages tispl.bin >> ti: x509: Remove shell script used for signing >> ti: dtsi: j721e: Use binman to package sysfw.itb and tiboot3.bin >> ti: dtsi: j721e: Use binman to package tispl.bin >> >> Makefile | 2 + >> arch/arm/dts/k3-j721e-a72-binman.dtsi | 86 + >> .../k3-j721e-common-proc-board-u-boot.dtsi | 1 + >> arch/arm/dts/k3-j721e-r5-binman.dtsi | 88 + >> .../k3-j721e-r5-common-proc-board-u-boot.dtsi | 1 + >> arch/arm/mach-k3/config.mk | 64 +- >> board/ti/common/schema.yaml | 355 ++ >> board/ti/j721e/Kconfig | 2 + >> board/ti/j721e/config.yaml | 3162 +++++++++++++++++ >> scripts/Makefile.spl | 4 - >> test/py/requirements.txt | 1 + >> tools/binman/entries.rst | 36 + >> tools/binman/etype/ti_dm.py | 23 + >> tools/binman/etype/ti_sysfw.py | 28 + >> tools/binman/etype/x509_cert.py | 248 ++ >> tools/binman/ftest.py | 21 + >> tools/binman/test/225_ti_dm.dts | 13 + >> tools/binman/test/232_ti_sysfw.dts | 13 + >> tools/binman/test/232_x509_cert.dts | 18 + >> tools/k3_fit_atf.sh | 123 - >> tools/k3_gen_x509_cert.sh | 252 -- >> tools/tibcfg_gen.py | 114 + >> 22 files changed, 4227 insertions(+), 428 deletions(-) >> create mode 100644 arch/arm/dts/k3-j721e-a72-binman.dtsi >> create mode 100644 arch/arm/dts/k3-j721e-r5-binman.dtsi >> create mode 100644 board/ti/common/schema.yaml >> create mode 100644 board/ti/j721e/config.yaml >> create mode 100644 tools/binman/etype/ti_dm.py >> create mode 100644 tools/binman/etype/ti_sysfw.py >> create mode 100644 tools/binman/etype/x509_cert.py >> create mode 100644 tools/binman/test/225_ti_dm.dts >> create mode 100644 tools/binman/test/232_ti_sysfw.dts >> create mode 100644 tools/binman/test/232_x509_cert.dts >> delete mode 100755 tools/k3_fit_atf.sh >> delete mode 100755 tools/k3_gen_x509_cert.sh >> create mode 100644 tools/tibcfg_gen.py >>
Devices that belong to the K3 architecture require SYSFW which is a FIT image consisting of a signed system firmware image and board config binaries. Board config binaries are needed to bring up SYSFW during U-Boot SPL startup. The board config data is given in YAML as input. These board configs contain board-specific information such as resource management, power management and security. The following series intends to plumb the system firmware generation into U-Boot using binman for packaging. Thus it will eliminate the need for additional custom repositories for SYSFW generation and also moves t owards the community standard build flow. We use binman to package tiboot3.bin and sysfw.itb images. These images also require x509 certificates which are created using the etype x509-cert. The series also plumbs the generation of tispl.bin into the build flow. This image is required for loading u-boot in K3 devices. The image is packaged using ATF, OPTEE and DM (Device Manager). Please note that the following series has implemented the above for J721E general purpose board. The board configs and device trees added are specific to J721E GP devices. Also note the introduction of three new etypes: ti-sysfw, ti-dm and x509-cert. On running CI tests on Github, errors were produced during world builds of keystone2_keystone3 and siemens (I0T2050 which is based on AM65x). This patch series is intended for only J721E and future work is to expand to the remaining K3 devices as well. The errors that come are mainly due to the boards other than J721E trying to generate tispl.bin. v2: - Added etype x509-cert for creating x509 Texas Instruments certificate binary - Added packaging of tiboot3.bin - Packaging of tiboot3.bin and sysfw.itb using new etype x509 - sysfw --> ti-sysfw - Reformatted and re-arranged patches - Removed k3_fit_atf.sh and k3_gen_x509_cert.sh as their functionality is provided by binman now Neha Malcom Francis (11): j721e_evm: schema: yaml: Add general schema and J721E board config files ti: tools: config: Add board config class to generate config binaries ti: etype: sysfw: Add entry type for sysfw ti: etype: dm: Add entry type for TI DM ti: etype: x509: Add etype for x509 certificate for K3 devices ti: sysfw: Add support for packaging sysfw.itb ti: tiboot3.bin: Remove tiboot3.bin target from makefile ti: tispl.bin: Removed script that packages tispl.bin ti: x509: Remove shell script used for signing ti: dtsi: j721e: Use binman to package sysfw.itb and tiboot3.bin ti: dtsi: j721e: Use binman to package tispl.bin Makefile | 2 + arch/arm/dts/k3-j721e-a72-binman.dtsi | 86 + .../k3-j721e-common-proc-board-u-boot.dtsi | 1 + arch/arm/dts/k3-j721e-r5-binman.dtsi | 88 + .../k3-j721e-r5-common-proc-board-u-boot.dtsi | 1 + arch/arm/mach-k3/config.mk | 64 +- board/ti/common/schema.yaml | 355 ++ board/ti/j721e/Kconfig | 2 + board/ti/j721e/config.yaml | 3162 +++++++++++++++++ scripts/Makefile.spl | 4 - test/py/requirements.txt | 1 + tools/binman/entries.rst | 36 + tools/binman/etype/ti_dm.py | 23 + tools/binman/etype/ti_sysfw.py | 28 + tools/binman/etype/x509_cert.py | 248 ++ tools/binman/ftest.py | 21 + tools/binman/test/225_ti_dm.dts | 13 + tools/binman/test/232_ti_sysfw.dts | 13 + tools/binman/test/232_x509_cert.dts | 18 + tools/k3_fit_atf.sh | 123 - tools/k3_gen_x509_cert.sh | 252 -- tools/tibcfg_gen.py | 114 + 22 files changed, 4227 insertions(+), 428 deletions(-) create mode 100644 arch/arm/dts/k3-j721e-a72-binman.dtsi create mode 100644 arch/arm/dts/k3-j721e-r5-binman.dtsi create mode 100644 board/ti/common/schema.yaml create mode 100644 board/ti/j721e/config.yaml create mode 100644 tools/binman/etype/ti_dm.py create mode 100644 tools/binman/etype/ti_sysfw.py create mode 100644 tools/binman/etype/x509_cert.py create mode 100644 tools/binman/test/225_ti_dm.dts create mode 100644 tools/binman/test/232_ti_sysfw.dts create mode 100644 tools/binman/test/232_x509_cert.dts delete mode 100755 tools/k3_fit_atf.sh delete mode 100755 tools/k3_gen_x509_cert.sh create mode 100644 tools/tibcfg_gen.py