On Thursday 18 August 2016 09:11 PM, Andrew F. Davis wrote:
Hello all,
I've recently been tasked with enabling authenticated boot for AM33xx based devices. This work is similar to what has already been done for the AM43xx and AM57xx SoCs and leverages much of the infrastructure from them.
The big difference here is the size of SRAM available on AM33xx being much less than on the other SoCs, when performing a secure boot this limits the maximum size of the SPL to just ~41k, the SPL currently generated for AM33xx SoCs is ~70k. To trim down the SPL we move various options from the config headers to the Kconfig system so we can selectively disable them in HS specific defconfigs.
To do this we start in patch 1 and 2 by creating Kconfig options for specifying what for what media the SPL should be able to load U-Boot from and for what media the SPL should itself be loaded from, respectively. We do this as the secure signature contains the name of the SPL boot media, and to reduce size. Also this works to reduce confusion in build types vs load types, we fix such an issue in patch 8.
In patch 3 and 4 we use the newly added _SUPPORT Kconfigs on a couple boards.
The rest are hopefully explained well enough in the commit message.
Have you tried doing build tests using buildman?. It is throwing lot of errors.
Thanks and regards, Lokesh
Thanks, Andrew
Andrew F. Davis (13): spl: Kconfig: Add SPL_<media>_SUPPORT as Kconfig option spl: Kconfig: Add SPL_<media>_BOOT as Kconfig option spl: Kconfig: Add CONFIG_SPL_TEXT_BASE as Kconfig option config: am335x_evm: Move CONFIG_SPL_YMODEM_SUPPORT to Kconfig config: am43xx_evm: Move CONFIG_SPL_YMODEM_SUPPORT to Kconfig Kconfig: Separate AM33XX SOC config from target board config am33xx: config.mk: Add support for additional secure boot image types am33xx: config.mk: Fix option used to enable SPI SPL image type doc: Update info on using AM33xx secure devices from TI ti: omap-common: Allow AM33xx devices to be built securely omap: Use SD_BOOT in place of EMMC_BOOT config: Remove usage of CONFIG_STORAGE_EMMC board: am33xx-hs: spl: Allow post-processing of FIT image on AM33xx
Kconfig | 8 ++++ arch/arm/Kconfig | 20 ++++---- arch/arm/cpu/armv7/am33xx/Kconfig | 18 ++++++++ arch/arm/cpu/armv7/am33xx/config.mk | 29 ++++++++++-- arch/arm/cpu/armv7/omap-common/Kconfig | 2 +- board/ti/am335x/board.c | 8 ++++ board/ti/am335x/mux.c | 4 +- common/Kconfig | 76 +++++++++++++++++++++++++++++++ common/spl/Kconfig | 54 ++++++++++++++++++++++ configs/am335x_boneblack_defconfig | 4 +- configs/am335x_boneblack_vboot_defconfig | 5 +- configs/am335x_evm_defconfig | 3 ++ configs/am335x_evm_nor_defconfig | 2 + configs/am335x_evm_norboot_defconfig | 1 + configs/am335x_evm_spiboot_defconfig | 2 + configs/am335x_evm_usbspl_defconfig | 1 + configs/am335x_sl50_defconfig | 2 +- configs/am43xx_evm_defconfig | 1 + configs/am43xx_evm_ethboot_defconfig | 1 + configs/am43xx_evm_qspiboot_defconfig | 1 + configs/am43xx_evm_usbhost_boot_defconfig | 1 + configs/am43xx_hs_evm_defconfig | 1 + configs/brppt1_mmc_defconfig | 3 +- configs/brppt1_spi_defconfig | 3 +- doc/README.ti-secure | 32 +++++++++++++ include/configs/am335x_evm.h | 6 +-- include/configs/am335x_shc.h | 2 - include/configs/am335x_sl50.h | 4 +- include/configs/am43xx_evm.h | 1 - include/configs/bav335x.h | 4 +- include/configs/brppt1.h | 6 +-- include/configs/ti_am335x_common.h | 4 ++ 32 files changed, 272 insertions(+), 37 deletions(-) create mode 100644 common/spl/Kconfig