We should not use typedefs in U-Boot. They cannot be used as forward
declarations which means that header files must include the full header to
access them.
Drop the typedef and rename the struct to remove the _s suffix which is
now not useful.
This requires quite a few header-file additions.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present panic() is in the vsprintf.h header file. That does not seem
like an obvious choice for hang(), even though it relates to panic(). So
let's put hang() in its own header.
Signed-off-by: Simon Glass <sjg@chromium.org>
[trini: Migrate a few more files]
Signed-off-by: Tom Rini <trini@konsulko.com>
These functions are CPU-related and do not use driver model. Move them to
cpu_func.h
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
While converting CONFIG_SYS_[DI]CACHE_OFF to Kconfig, there are instances
where these configuration items are conditional on SPL. This commit adds SPL
variants of these configuration items, uses CONFIG_IS_ENABLED(), and updates
the configurations as required.
Acked-by: Alexey Brodkin <abrodkin@synopsys.com>
Signed-off-by: Trevor Woerner <trevor@toganlabs.com>
[trini: Make the default depend on the setting for full U-Boot, update
more zynq hardware]
Signed-off-by: Tom Rini <trini@konsulko.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
When in early SPL we make some secure ROM calls that can effect
DRAM, due to this it is more stable to store the args for these
calls in SRAM, but uninitialized and zero'd globals are placed
in BSS, located in DRAM. Force our args into the data section
which is in SRAM during SPL.
Signed-off-by: Andrew F. Davis <afd@ti.com>
The signing certificate name is always 15 chars long, but need not be
null terminated. One solution is then to use printf precision modifiers
to only print this many chars ("%.15s"), but tiny printf does not support
this, so lets just drop printing the cert name for now.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Fix the size calculation in the verify boot. The header size
should be subtracted from the image size, not be assigned to
the image size.
Fixes: 0830d72bb9 ("arm: am33xx: security: adds auth support for encrypted images")
Signed-off-by: Madan Srinivas <madans@ti.com>
Signed-off-by: Dan Murphy <dmurphy@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
This patch adds support for authentication of both plain
text and encrypted binaries. A new SECDEV package is needed
to enable encryption of binaries by default for AM3x.
The ROM authentication API detects encrypted images at
runtime and automatically decrypts the image if the
signature verification passes.
Addition of encryption on AM3x results in a change in the
image format. On AM4x, AM5x and, on AM3x devices signing
clear test images, the signature is appended to the end of the
binary.
On AM3x, when the SECDEV package is used to create signed
and encrypted images, the signature is added as a header
to the start of the binary. So the binary size calculation
has been updated to reflect this change.
The signing tools and encrypted image format for AM3x
cannot be changed to behave like AM4x and AM5x to
maintain backward compatibility with older Sitara
M-Shield releases.
Signed-off-by: Madan Srinivas <madans@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
When the OP-TEE image is built for secure paging the load address may be
in SRAM, remove checks that prevent this.
Signed-off-by: Harinarayan Bhatta <harinarayan@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
The image address passed to secure_boot_verify_image() may not be
cacheline aligned, round the address down to the nearest cacheline.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Lokesh Vutla <lokeshvutla@ti.com>
Some of the fixups currently done for OMAP5 class boards are common to
other OMAP family devices, move these to fdt-common.c.
Signed-off-by: Andrew F. Davis <afd@ti.com>
TEE loading and firewall setup are common to all omap2 devices, move
these function out of omap5 and into mach-omap2. This allows us
to use these functions from other omap class devices.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Each call of va_start must be matched by a call of va_end.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Tom Rini <trini@konsulko.com>
After we authenticate/decrypt an image we need to flush the caches
as they may still contain bits of the encrypted image. This will
cause failures if we attempt to jump to this image.
Reported-by: Yogesh Siraswar<yogeshs@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
On AM33xx devices the secure ROM uses a different call index for
signature verification, the function and arguments are the same.
Signed-off-by: Andrew F. Davis <afd@ti.com>
This moves what was in arch/arm/cpu/armv7/omap-common in to
arch/arm/mach-omap2 and moves
arch/arm/cpu/armv7/{am33xx,omap3,omap4,omap5} in to arch/arm/mach-omap2
as subdirectories. All refernces to the former locations are updated to
the current locations. For the logic to decide what our outputs are,
consolidate the tests into a single config.mk rather than including 4.
Signed-off-by: Tom Rini <trini@konsulko.com>
