[U-Boot] [PATCH 1/2][v4] powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041
Secure Boot Target is added for NAND for P3041. Changes: In PowerPC, the core begins execution from address 0xFFFFFFFC. In case of secure boot, this default address maps to Boot ROM. The Boot ROM code requires that the bootloader(U-boot) must lie in 0 to 3.5G address space i.e. 0x0 - 0xDFFFFFFF.
In case of NAND Secure Boot, CONFIG_SYS_RAMBOOT is enabled and CPC is configured as SRAM. U-Boot binary will be located on this SRAM at location 0xBFF40000 with entry point as 0xBFFFFFFC.
Signed-off-by: Ruchika Gupta ruchika.gupta@freescale.com Signed-off-by: Aneesh Bansal aneesh.bansal@freescale.com --- Changes in v4: - Created a patch set.
Makefile | 4 ++++ arch/powerpc/cpu/mpc85xx/cpu_init.c | 17 +++++++++++++++++ board/freescale/common/p_corenet/tlb.c | 18 +++++++++++++++++- board/freescale/corenet_ds/MAINTAINERS | 5 +++++ configs/P3041DS_NAND_SECURE_BOOT_defconfig | 4 ++++ include/configs/corenet_ds.h | 9 +++++++++ 6 files changed, 56 insertions(+), 1 deletion(-) create mode 100644 configs/P3041DS_NAND_SECURE_BOOT_defconfig
diff --git a/Makefile b/Makefile index bd4abab..acfaa23 100644 --- a/Makefile +++ b/Makefile @@ -719,8 +719,12 @@ ALL-$(CONFIG_ONENAND_U_BOOT) += u-boot-onenand.bin ifeq ($(CONFIG_SPL_FSL_PBL),y) ALL-$(CONFIG_RAMBOOT_PBL) += u-boot-with-spl-pbl.bin else +ifneq ($(CONFIG_SECURE_BOOT), y) +# For Secure Boot The Image needs to be signed and Header must also +# be included. So The image has to be built explicitly ALL-$(CONFIG_RAMBOOT_PBL) += u-boot.pbl endif +endif ALL-$(CONFIG_SPL) += spl/u-boot-spl.bin ALL-$(CONFIG_SPL_FRAMEWORK) += u-boot.img ALL-$(CONFIG_TPL) += tpl/u-boot-tpl.bin diff --git a/arch/powerpc/cpu/mpc85xx/cpu_init.c b/arch/powerpc/cpu/mpc85xx/cpu_init.c index 4cf8853..ef56cc0 100644 --- a/arch/powerpc/cpu/mpc85xx/cpu_init.c +++ b/arch/powerpc/cpu/mpc85xx/cpu_init.c @@ -843,6 +843,23 @@ int cpu_init_r(void) setup_mp(); #endif
+#if defined(CONFIG_SYS_RAMBOOT) && defined(CONFIG_SYS_INIT_L3_ADDR) && \ + defined(CONFIG_SECURE_BOOT) + /* Disable the TLB Created for L3 and create the TLB required for + * PCIE (CONFIG_SYS_PCIE1_MEM_VIRT) which was not created earlier. + */ + int tlb_index; + tlb_index = find_tlb_idx((void *)CONFIG_BPTR_VIRT_ADDR, 1); + if (tlb_index != -1) { + disable_tlb(tlb_index); + + set_tlb(1, CONFIG_SYS_PCIE1_MEM_VIRT, + CONFIG_SYS_PCIE1_MEM_PHYS, + MAS3_SW|MAS3_SR, MAS2_I|MAS2_G, + 0, tlb_index, BOOKE_PAGESZ_1G, 1); + } +#endif + #ifdef CONFIG_SYS_FSL_ERRATUM_ESDHC13 { if (SVR_MAJ(svr) < 3) { diff --git a/board/freescale/common/p_corenet/tlb.c b/board/freescale/common/p_corenet/tlb.c index 8148e46..1b60cfb 100644 --- a/board/freescale/common/p_corenet/tlb.c +++ b/board/freescale/common/p_corenet/tlb.c @@ -42,7 +42,9 @@ struct fsl_e_tlb_entry tlb_table[] = {
/* TLB 1 */ /* *I*** - Covers boot page */ -#if defined(CONFIG_SYS_RAMBOOT) && defined(CONFIG_SYS_INIT_L3_ADDR) + /* In Case of Secure RAM Boot L3 address is defined at 0xbff00000 */ +#if defined(CONFIG_SYS_RAMBOOT) && defined(CONFIG_SYS_INIT_L3_ADDR) && \ + !defined(CONFIG_SECURE_BOOT) /* * *I*G - L3SRAM. When L3 is used as 1M SRAM, the address of the * SRAM is at 0xfff00000, it covered the 0xfffff000. @@ -76,11 +78,25 @@ struct fsl_e_tlb_entry tlb_table[] = { MAS3_SX|MAS3_SR, MAS2_W|MAS2_G, 0, 2, BOOKE_PAGESZ_256M, 1),
+#if defined(CONFIG_SYS_RAMBOOT) && defined(CONFIG_SYS_INIT_L3_ADDR) && \ + defined(CONFIG_SECURE_BOOT) + /* In case of Secure Boot, L3 is used as 1M SRAM + * and the address of the SRAM is at 0xbff00000. + * The PCIE TLB entry conflicts with the above entry. + * So, the entry for PCIE is not created at this point of time. + * It will be created later on in cpu_init_r() + * when U-Boot has relocated to DDR + */ + SET_TLB_ENTRY(1, CONFIG_SYS_INIT_L3_ADDR, CONFIG_SYS_INIT_L3_ADDR, + MAS3_SX|MAS3_SW|MAS3_SR, MAS2_I|MAS2_G, + 0, 3, BOOKE_PAGESZ_1M, 1), +#else /* *I*G* - PCI */ SET_TLB_ENTRY(1, CONFIG_SYS_PCIE1_MEM_VIRT, CONFIG_SYS_PCIE1_MEM_PHYS, MAS3_SW|MAS3_SR, MAS2_I|MAS2_G, 0, 3, BOOKE_PAGESZ_1G, 1),
+#endif /* *I*G* - PCI */ SET_TLB_ENTRY(1, CONFIG_SYS_PCIE1_MEM_VIRT + 0x40000000, CONFIG_SYS_PCIE1_MEM_PHYS + 0x40000000, diff --git a/board/freescale/corenet_ds/MAINTAINERS b/board/freescale/corenet_ds/MAINTAINERS index 745847c..6855446 100644 --- a/board/freescale/corenet_ds/MAINTAINERS +++ b/board/freescale/corenet_ds/MAINTAINERS @@ -28,3 +28,8 @@ F: configs/P5040DS_NAND_defconfig F: configs/P5040DS_SDCARD_defconfig F: configs/P5040DS_SPIFLASH_defconfig F: configs/P5040DS_SECURE_BOOT_defconfig + +CORENET_DS_SECURE_BOOT BOARD +M: Aneesh Bansal aneesh.bansal@freescale.com +S: Maintained +F: configs/P3041DS_NAND_SECURE_BOOT_defconfig diff --git a/configs/P3041DS_NAND_SECURE_BOOT_defconfig b/configs/P3041DS_NAND_SECURE_BOOT_defconfig new file mode 100644 index 0000000..e810b1c --- /dev/null +++ b/configs/P3041DS_NAND_SECURE_BOOT_defconfig @@ -0,0 +1,4 @@ +CONFIG_SYS_EXTRA_OPTIONS="RAMBOOT_PBL,NAND,SECURE_BOOT,SYS_TEXT_BASE=0xBFF40000" +CONFIG_PPC=y +CONFIG_MPC85xx=y +CONFIG_TARGET_P3041DS=y diff --git a/include/configs/corenet_ds.h b/include/configs/corenet_ds.h index 225ffdd..64c6890 100644 --- a/include/configs/corenet_ds.h +++ b/include/configs/corenet_ds.h @@ -16,6 +16,14 @@ #include "../board/freescale/common/ics307_clk.h"
#ifdef CONFIG_RAMBOOT_PBL +#ifdef CONFIG_SECURE_BOOT +#define CONFIG_RAMBOOT_TEXT_BASE CONFIG_SYS_TEXT_BASE +#define CONFIG_RESET_VECTOR_ADDRESS 0xbffffffc +#define CONFIG_BPTR_VIRT_ADDR 0xbffff000 +#ifdef CONFIG_NAND +#define CONFIG_RAMBOOT_NAND +#endif +#else #define CONFIG_RAMBOOT_TEXT_BASE CONFIG_SYS_TEXT_BASE #define CONFIG_RESET_VECTOR_ADDRESS 0xfffffffc #define CONFIG_SYS_FSL_PBL_PBI board/freescale/corenet_ds/pbi.cfg @@ -29,6 +37,7 @@ #define CONFIG_SYS_FSL_PBL_RCW board/freescale/corenet_ds/rcw_p5040ds.cfg #endif #endif +#endif
#ifdef CONFIG_SRIO_PCIE_BOOT_SLAVE /* Set 1M boot space */
[Reposting comment on v4 as York requested]
On Wed, Feb 25, 2015 at 02:17:56PM +0530, Aneesh Bansal wrote:
diff --git a/arch/powerpc/cpu/mpc85xx/cpu_init.c b/arch/powerpc/cpu/mpc85xx/cpu_init.c index 4cf8853..ef56cc0 100644 --- a/arch/powerpc/cpu/mpc85xx/cpu_init.c +++ b/arch/powerpc/cpu/mpc85xx/cpu_init.c @@ -843,6 +843,23 @@ int cpu_init_r(void) setup_mp(); #endif
+#if defined(CONFIG_SYS_RAMBOOT) && defined(CONFIG_SYS_INIT_L3_ADDR) && \
- defined(CONFIG_SECURE_BOOT)
- /* Disable the TLB Created for L3 and create the TLB required for
* PCIE (CONFIG_SYS_PCIE1_MEM_VIRT) which was not created earlier.*/- int tlb_index;
- tlb_index = find_tlb_idx((void *)CONFIG_BPTR_VIRT_ADDR, 1);
- if (tlb_index != -1) {
disable_tlb(tlb_index);set_tlb(1, CONFIG_SYS_PCIE1_MEM_VIRT,CONFIG_SYS_PCIE1_MEM_PHYS,MAS3_SW|MAS3_SR, MAS2_I|MAS2_G,0, tlb_index, BOOKE_PAGESZ_1G, 1);- }
+#endif
Why are you assuming in generic 85xx code that the TLB for PCIE1 needs to be created? e500mc should have enough TLB1 entries that you don't need to share (or if it's due to address conflicts, a board may have PCI at a different address), and PCI may not exist at all on some boards.
-Scott
-----Original Message----- From: Wood Scott-B07421 Sent: Thursday, February 26, 2015 3:43 AM To: Bansal Aneesh-B39320 Cc: u-boot@lists.denx.de; Sun York-R58495; Gupta Ruchika-R66431 Subject: Re: [U-Boot, 1/2, v4] powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041
[Reposting comment on v4 as York requested]
On Wed, Feb 25, 2015 at 02:17:56PM +0530, Aneesh Bansal wrote:
diff --git a/arch/powerpc/cpu/mpc85xx/cpu_init.c b/arch/powerpc/cpu/mpc85xx/cpu_init.c index 4cf8853..ef56cc0 100644 --- a/arch/powerpc/cpu/mpc85xx/cpu_init.c +++ b/arch/powerpc/cpu/mpc85xx/cpu_init.c @@ -843,6 +843,23 @@ int cpu_init_r(void) setup_mp(); #endif
+#if defined(CONFIG_SYS_RAMBOOT) &&
defined(CONFIG_SYS_INIT_L3_ADDR) && \
- defined(CONFIG_SECURE_BOOT)
- /* Disable the TLB Created for L3 and create the TLB required for
* PCIE (CONFIG_SYS_PCIE1_MEM_VIRT) which was not createdearlier.
*/- int tlb_index;
- tlb_index = find_tlb_idx((void *)CONFIG_BPTR_VIRT_ADDR, 1);
- if (tlb_index != -1) {
disable_tlb(tlb_index);set_tlb(1, CONFIG_SYS_PCIE1_MEM_VIRT,CONFIG_SYS_PCIE1_MEM_PHYS,MAS3_SW|MAS3_SR, MAS2_I|MAS2_G,0, tlb_index, BOOKE_PAGESZ_1G, 1);- }
+#endif
Why are you assuming in generic 85xx code that the TLB for PCIE1 needs to be created? e500mc should have enough TLB1 entries that you don't need to share (or if it's due to address conflicts, a board may have PCI at a different address), and PCI may not exist at all on some boards.
-Scott
TLB's are created in freescale/common/p_corenet/tlb.c In case of Secure Boot, L3 is used as 1M SRAM and the address of the SRAM is at 0xbff00000. The PCIE TLB entry conflicts with the above entry and so the entry for PCIE was not created at that point of time. This is why it is being created here in cpu_init_r() when U-Boot has relocated to DDR and the TLB entry for SRAM is not required. Proper comments have been added in tlb.c to explain why it is being done. If address for PCI is changed than this also will have to be taken care of. The code is protected by relevant macros (CONFIG_SYS_RAMBOOT, CONFIG_SYS_INIT_L3_ADDR, CONFIG_SECURE_BOOT)
On Thu, 2015-02-26 at 22:35 -0600, Bansal Aneesh-B39320 wrote:
-----Original Message----- From: Wood Scott-B07421 Sent: Thursday, February 26, 2015 3:43 AM To: Bansal Aneesh-B39320 Cc: u-boot@lists.denx.de; Sun York-R58495; Gupta Ruchika-R66431 Subject: Re: [U-Boot, 1/2, v4] powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041
[Reposting comment on v4 as York requested]
On Wed, Feb 25, 2015 at 02:17:56PM +0530, Aneesh Bansal wrote:
diff --git a/arch/powerpc/cpu/mpc85xx/cpu_init.c b/arch/powerpc/cpu/mpc85xx/cpu_init.c index 4cf8853..ef56cc0 100644 --- a/arch/powerpc/cpu/mpc85xx/cpu_init.c +++ b/arch/powerpc/cpu/mpc85xx/cpu_init.c @@ -843,6 +843,23 @@ int cpu_init_r(void) setup_mp(); #endif
+#if defined(CONFIG_SYS_RAMBOOT) &&
defined(CONFIG_SYS_INIT_L3_ADDR) && \
- defined(CONFIG_SECURE_BOOT)
- /* Disable the TLB Created for L3 and create the TLB required for
* PCIE (CONFIG_SYS_PCIE1_MEM_VIRT) which was not createdearlier.
*/- int tlb_index;
- tlb_index = find_tlb_idx((void *)CONFIG_BPTR_VIRT_ADDR, 1);
- if (tlb_index != -1) {
disable_tlb(tlb_index);set_tlb(1, CONFIG_SYS_PCIE1_MEM_VIRT,CONFIG_SYS_PCIE1_MEM_PHYS,MAS3_SW|MAS3_SR, MAS2_I|MAS2_G,0, tlb_index, BOOKE_PAGESZ_1G, 1);- }
+#endif
Why are you assuming in generic 85xx code that the TLB for PCIE1 needs to be created? e500mc should have enough TLB1 entries that you don't need to share (or if it's due to address conflicts, a board may have PCI at a different address), and PCI may not exist at all on some boards.
-Scott
TLB's are created in freescale/common/p_corenet/tlb.c
Which doesn't apply to all 85xx boards (even custom corenet-based boards might not use it -- or if that's not the case, it should be moved out of the board directory). It's also not obvious to anyone modifying that tlb.c file or the address of PCIE1 that this would be affected.
In case of Secure Boot, L3 is used as 1M SRAM and the address of the SRAM is at 0xbff00000.
Is this hardcoded into the silicon, or determined by PBI or something similar? If it's not hardcoded, can we choose a less problematic address?
If it is hardcoded, and we don't want to change the PCIE1 virtual address, at least create defines for the entry to be created once SRAM goes away, rather than hardcoding PCIE1 here.
-Scott
-----Original Message----- From: Wood Scott-B07421 Sent: Friday, February 27, 2015 10:22 AM To: Bansal Aneesh-B39320 Cc: u-boot@lists.denx.de; Sun York-R58495; Gupta Ruchika-R66431 Subject: Re: [U-Boot, 1/2, v4] powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041
On Thu, 2015-02-26 at 22:35 -0600, Bansal Aneesh-B39320 wrote:
-----Original Message----- From: Wood Scott-B07421 Sent: Thursday, February 26, 2015 3:43 AM To: Bansal Aneesh-B39320 Cc: u-boot@lists.denx.de; Sun York-R58495; Gupta Ruchika-R66431 Subject: Re: [U-Boot, 1/2, v4] powerpc/mpc85xx: SECURE BOOT- NAND secure boot target for P3041
[Reposting comment on v4 as York requested]
On Wed, Feb 25, 2015 at 02:17:56PM +0530, Aneesh Bansal wrote:
diff --git a/arch/powerpc/cpu/mpc85xx/cpu_init.c b/arch/powerpc/cpu/mpc85xx/cpu_init.c index 4cf8853..ef56cc0 100644 --- a/arch/powerpc/cpu/mpc85xx/cpu_init.c +++ b/arch/powerpc/cpu/mpc85xx/cpu_init.c @@ -843,6 +843,23 @@ int cpu_init_r(void) setup_mp(); #endif
+#if defined(CONFIG_SYS_RAMBOOT) &&
defined(CONFIG_SYS_INIT_L3_ADDR) && \
- defined(CONFIG_SECURE_BOOT)
- /* Disable the TLB Created for L3 and create the TLB required for
* PCIE (CONFIG_SYS_PCIE1_MEM_VIRT) which was not createdearlier.
*/- int tlb_index;
- tlb_index = find_tlb_idx((void *)CONFIG_BPTR_VIRT_ADDR, 1);
- if (tlb_index != -1) {
disable_tlb(tlb_index);set_tlb(1, CONFIG_SYS_PCIE1_MEM_VIRT,CONFIG_SYS_PCIE1_MEM_PHYS,MAS3_SW|MAS3_SR, MAS2_I|MAS2_G,0, tlb_index, BOOKE_PAGESZ_1G, 1);- }
+#endif
Why are you assuming in generic 85xx code that the TLB for PCIE1 needs to be created? e500mc should have enough TLB1 entries that you don't need to share (or if it's due to address conflicts, a board may have PCI at a different address), and PCI may not exist at all on
some boards.
-Scott
TLB's are created in freescale/common/p_corenet/tlb.c
Which doesn't apply to all 85xx boards (even custom corenet-based boards might not use it -- or if that's not the case, it should be moved out of the board directory). It's also not obvious to anyone modifying that tlb.c file or the address of PCIE1 that this would be affected.
In case of Secure Boot, L3 is used as 1M SRAM and the address of the
SRAM is at 0xbff00000.
Is this hardcoded into the silicon, or determined by PBI or something similar? If it's not hardcoded, can we choose a less problematic address?
It is not hardcoded but we have a restriction of choosing the address within 0 - 3.5G. 0xbff00000 seemed to be the least problematic at this point of time.
If it is hardcoded, and we don't want to change the PCIE1 virtual address, at least create defines for the entry to be created once SRAM goes away, rather than hardcoding PCIE1 here.
Are you suggesting something like this in cpu_init_r() set_tlb(1, CONFIG_SECBOOT_TLB_VIRT_ADDR, CONFIG_SECBOOT_TLB_PHYS_ADDR, CONFIG_SECBOOT_TLB_PERM, CONFIG_SECBOOT_TLB_ATTR, 0, tlb_index, CONFIG_SECBOOT_TLB_PAGESZ, 1);
I plan to define these macros in tlb.c where we have added the code for these TLBS creation
#define CONFIG_SECBOOT_TLB_VIRT_ADDR CONFIG_SYS_PCIE1_MEM_VIRT #define CONFIG_SECBOOT_TLB_PHYS_ADDR CONFIG_SYS_PCIE1_MEM_PHYS #define CONFIG_SECBOOT_TLB_PERM MAS3_SW|MAS3_SR #define CONFIG_SECBOOT_TLB_ATTR MAS2_I|MAS2_G #define CONFIG_SECBOOT_TLB_PAGESZ BOOKE_PAGESZ_1G
-Scott
participants (3)
-
Aneesh Bansal -
aneesh.bansal@freescale.com
-
Scott Wood