From patchwork Fri Oct 8 00:28:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Marcel Ziswiler X-Patchwork-Id: 1538076 X-Patchwork-Delegate: sbabic@denx.de Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=) Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HQTZk0qr6z9sR4 for ; Fri, 8 Oct 2021 11:29:02 +1100 (AEDT) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 728BE8347F; Fri, 8 Oct 2021 02:28:51 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=ziswiler.com Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Received: by phobos.denx.de (Postfix, from userid 109) id 83716833C9; Fri, 8 Oct 2021 02:28:43 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_MSPIKE_H2, SPF_HELO_PASS,SPF_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mout.perfora.net (mout.perfora.net [74.208.4.196]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id D844382BA5 for ; Fri, 8 Oct 2021 02:28:36 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=none (p=none dis=none) header.from=ziswiler.com Authentication-Results: phobos.denx.de; spf=none smtp.mailfrom=marcel@ziswiler.com Received: from toolbox.toradex.int ([66.171.181.186]) by mrelay.perfora.net (mreueus002 [74.208.5.2]) with ESMTPSA (Nemesis) id 0LiEzt-1nBILa24yh-00nQ0d; Fri, 08 Oct 2021 02:28:25 +0200 From: Marcel Ziswiler To: u-boot@lists.denx.de Cc: Fabio Estevam , Stefano Babic , Heiko Thiery , Frieder Schrempf , Marcel Ziswiler , "NXP i.MX U-Boot Team" , Simon Glass , Tom Rini Subject: [PATCH v5 03/10] ARM: dts: imx8mm-verdin: prepare for dek blob encapsulation Date: Fri, 8 Oct 2021 02:28:08 +0200 Message-Id: <20211008002815.870313-4-marcel@ziswiler.com> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20211008002815.870313-1-marcel@ziswiler.com> References: <20211008002815.870313-1-marcel@ziswiler.com> MIME-Version: 1.0 X-Provags-ID: V03:K1:Dv8EZpwlRQ5VdEit8hIGoRoVWr3sR2g9pel8+0//yoyED57N+Rc Lu8I0OVX11HwL4sD1rlnAKOPFwgZw/Xhp4yt3gRiOQbYc3c0KBBdHF+7agTw5vKdIPfwaai xR1yq64T0p6D+cWzZjOa9n+KG0wopDmb5LPzuJmatXdgvryI7CoMYu1SKvpsWVUrXBxk2qw PdPbPzW60G9qvSBVE0IGQ== X-UI-Out-Filterresults: notjunk:1;V03:K0:7atAh3qfEnI=:2xzUO9HInl1kkwlqT9oiWp vQ7V18DiWPCQTV7etvaYDMZtU/+3+wwVkO2CEH4Qd+53bJyctDTNz7UlUBNdM5F0xgB+IVE51 xDHAkNs7C4KqHOprHTUFXPD1xVF/Q8VTTiThbFZKoanW1HrUbQWcedleTDryY0mlFKAIEUnPX D3zn5dLBCsJj3e5R2dHDrvEB/moZiq59XAb5qdaJ0lziwvMME2OaYqy4mbK/fU48Hd5P6mviE zVRzrxrst63HszZlj5qTvmrk3B9Fmi0PvmoU8geOytww/wYFK+uZ59rCtZ1xYxW375z9dSXCi GU/CeNcKD+NZjum+gOs9z2ytUDVmf0M7bZ3xONxJNNBMW5Fv1ul1r+Ujq/xdknx4w3E0mmLaz 8XaOoVeGa6Jx1tqqxplFVS5V7Vqf/evPCaO2H0KkCx7+L2FrvzkznpVuG2shs0TbOZqFwwXEk FlqLHPSK5nce5Kpn0Cdm32phFoa/A7YWbK7QymkKachH9JOEuSkxJ1P5Ommfmf8A38tBkja/s i6KqFHEs6OqMUYKGWF97RJ1yDn+1achQTbxEo8J2j+QbRJne4pXVvkOTfF2hIHiiuU+G6WFDk CXGnQsSUk1UcLka1O1cpdIwDcFZe0xedqm68uVWXdFOu5emm2hjOU2wKKffnOhlFxNvpGqFVH Y92gThqfUWXUlhSK2sch/vQFwKSsSMAHtTAjA5GmI8n2DglptjOMSS9noGng/o5Cz0U3P1yx2 iHgFwQ6vhDS2fuUYZ3iJoKi07IVkWtK29ei5DA== X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean From: Marcel Ziswiler Prepare for DEK blob encapsulation support through "dek_blob" command. On ARMv8, u-boot runs in non-secure, thus cannot encapsulate a DEK blob for encrypted boot. The DEK blob is encapsulated by OP-TEE through a trusted application call. U-boot sends and receives the DEK and the DEK blob binaries through OP-TEE dynamic shared memory. To enable the DEK blob encapsulation, add to the defconfig: CONFIG_SECURE_BOOT=y CONFIG_FAT_WRITE=y CONFIG_CMD_DEKBLOB=y Taken from NXP's commit 56d2050f4028 ("imx8m: Add DEK blob encapsulation for imx8m"). Signed-off-by: Marcel Ziswiler Reviewed-by: Fabio Estevam --- (no changes since v1) arch/arm/dts/imx8mm-verdin-u-boot.dtsi | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/arch/arm/dts/imx8mm-verdin-u-boot.dtsi b/arch/arm/dts/imx8mm-verdin-u-boot.dtsi index 67c31c49b6c..a97626fa0c1 100644 --- a/arch/arm/dts/imx8mm-verdin-u-boot.dtsi +++ b/arch/arm/dts/imx8mm-verdin-u-boot.dtsi @@ -6,6 +6,13 @@ #include "imx8mm-u-boot.dtsi" / { + firmware { + optee { + compatible = "linaro,optee-tz"; + method = "smc"; + }; + }; + wdt-reboot { compatible = "wdt-reboot"; wdt = <&wdog1>;