New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mediatek: mt7986: only protect BL32 memory if needed #6
mediatek: mt7986: only protect BL32 memory if needed #6
Commits on Jul 4, 2023
-
Makefile: enable debug symbols for release build
Enable debug symbols for release build which will be convenient for debugging over JTAG. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for b8beda0 - Browse repository at this point
Copy the full SHA b8beda0View commit details -
build_macros.mk: add support to use prebuilt libraries
Add support to use prebuilt libraries for BL2 and BL31 Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 1c18c4e - Browse repository at this point
Copy the full SHA 1c18c4eView commit details -
tools: mediatek: add support for MediaTek bromimage utility
This utility is used for adding a BootROM readable header for BL2 image. The BL2 image is directly loaded by the BootROM and supports RSA signing for secure boot. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 464e030 - Browse repository at this point
Copy the full SHA 464e030View commit details -
tools: mediatek: add anti-rollback related tools
Add tools to generate anti-rollback table with an example Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 184a713 - Browse repository at this point
Copy the full SHA 184a713View commit details -
tools: mediatek: add offline signing tool for TBBR
There's a situation that ROT_KEY(private) does not exist in building environment, and thus signing is impossible during build stage. This tool is used to sign certificate without knowing ROT_KEY Since ROT_KEY is used to sign trusted_key.cert, we only need to make sure trusted_key.crt is signed correctly. This tool does the first, and third actions within following flow: 1. Extract sign body from trusted_key.cert 2. Sign body using ROT_KEY [Done by user after build] 3. Use signature to assemble new trusted_key.cert 4. use fiptool to generate new FIP image Usage: Extract sign body from trusted_key.crt: signoffline -p [fip_public_key] -c [trusted_key.crt] \ -m [message to be signed] Use signature to assemble new trusted_key.crt: signoffline -p [fip_public_key] -c [trusted_key.crt] \ -s [signature] -o [new trusted_key.crt] Signed-off-by: Tim-cy Yang <Tim-cy.Yang@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for ee13a12 - Browse repository at this point
Copy the full SHA ee13a12View commit details -
tools: add production-related tools
Add GPT editor for generate GPT table for SD/eMMC Add single image (ROM dump image) making tool Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for ebbcfb6 - Browse repository at this point
Copy the full SHA ebbcfb6View commit details -
mmc: do not check mmc_csd.spec_vers for eMMC
Some eMMC chips have wrong value of field spec_vers in CSD register. spec_vers is not checked by both linux kernel and u-boot. So it better to remove this check. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 65128b5 - Browse repository at this point
Copy the full SHA 65128b5View commit details -
mmc: add support to poll card busy state
Add support to poll card busy state for R1b command Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for e2bd6a5 - Browse repository at this point
Copy the full SHA e2bd6a5View commit details -
nand: record oob size in nand framework
Add oob_size field for nand framework Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 6ea9767 - Browse repository at this point
Copy the full SHA 6ea9767View commit details -
spi-nor: extend support for 4-byte address flashes
Support more 4-byte address flashes Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 219283b - Browse repository at this point
Copy the full SHA 219283bView commit details -
gpio: add interface for changing gpio mode
Add interface for gpio driver to change gpio mode Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for a3cfe2f - Browse repository at this point
Copy the full SHA a3cfe2fView commit details -
drivers: io: add support for UBI
This patch adds UBI loading support for BL2. The main UBI code comes from u-boot (drivers/mtd/ubispl.c) with modifications. The original code permits BSD-3-Clause license. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 939117a - Browse repository at this point
Copy the full SHA 939117aView commit details -
mediatek: add common files for APSoC platform
The APSoC platform includes mt7622, mt7629, filogic chips and future chips. These common files are shared between all chips list above. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 7171bda - Browse repository at this point
Copy the full SHA 7171bdaView commit details -
mediatek: common: add mediatek's generic spi-nand driver
We have detached from upstream spi-nand driver and implement this dedicated spi-nand driver with more features. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 712329c - Browse repository at this point
Copy the full SHA 712329cView commit details -
mediatek: common: add SiP implementation for APSoC platform
We have detached from upstream platforms, and thus implement APSoC's own SiP implementation. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com> fixup to apsoc imp
Configuration menu - View commit details
-
Copy full SHA for 0af11f9 - Browse repository at this point
Copy the full SHA 0af11f9View commit details -
mediatek: common: add MediaTek SD/eMMC controller driver
Add MediaTek SD/eMMC controller driver Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 038d3e9 - Browse repository at this point
Copy the full SHA 038d3e9View commit details -
mediatek: common: add SPI-NAND flash interface (SNFI) driver
Add SNFI driver for SPI-NAND flashes. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for b3446fb - Browse repository at this point
Copy the full SHA b3446fbView commit details -
mediatek: common: add generic high-speed UART console driver
Add generic high-speed UART console driver. This driver can be used to register console. When baud <= 115200, 16550-compatible mode will be used, otherwise high-speed mode will be used. An option can be used to force using high-speed mode. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for e0aa42c - Browse repository at this point
Copy the full SHA e0aa42cView commit details -
mediatek: common: add general-purpose timer (GPT) driver
Add general-purpose timer driver Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 1001697 - Browse repository at this point
Copy the full SHA 1001697View commit details -
mediatek: common: add generic efuse driver
Add generic efuse driver Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 1f215f0 - Browse repository at this point
Copy the full SHA 1f215f0View commit details -
mediatek: common: add common i2c bus and host drivers
This patch add i2c frameowrk for medaitek SoC. Also add rt5190 PMIC and ds3232 HWRTC example drivers Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 1ab146d - Browse repository at this point
Copy the full SHA 1ab146dView commit details -
mediatek: common: add spi-mem controller driver
This patch adds spi-mem controller driver with support for quad-spi Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 0baeee0 - Browse repository at this point
Copy the full SHA 0baeee0View commit details -
mediatek: common: add UART download protocol support
Add support for BL2 (boot from RAM ver.) to receive FIP from serial port. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 8ceb616 - Browse repository at this point
Copy the full SHA 8ceb616View commit details -
lib: add NAND mapping block management (NMBM) library
Add NAND mapping block management (NMBM) common library. This library acts as a translation layer to hide bad blocks of a raw NAND device. It's very useful for factory production where data may shift due to bad blocks. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for e3704a8 - Browse repository at this point
Copy the full SHA e3704a8View commit details -
lib: xz: add xz decompress support from xz-embedded-20210201
Add xz-embedded-20210201 from https://tukaani.org/xz/embedded.html Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 9a4578f - Browse repository at this point
Copy the full SHA 9a4578fView commit details -
Build: add xz compression image filter
Add support to compress images using xz Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 9457190 - Browse repository at this point
Copy the full SHA 9457190View commit details -
Makefile: add new bootloader stage for decompressing BL2 payload
This patch adds a new bootloader stage named BL2PL (aka. BL2 preloader) to support BL2 compression. This stage only implements XZ decompression for BL2 payload, and the BL2 payload must be compressed by XZ with crc32 checksum support. To make use of this stage, a BL2PL specific image header must be added to the compressed BL2 payload to record its load address and size. Then this payload with header should be directly appended to the end of BL2PL raw binary without any padding. ------------------------------- | BL2PL | Header | XZ payload | ------------------------------- On startup, BL2PL will first relocate itself to On-Chip SRAM and setup the C environment, and then decompress the real BL2 to its load address, and finally jump to the real BL2. --------------------------------------------------------------- | Stage | On-Chip SRAM | L2 shared SRAM | --------------------------------------------------------------- | 1 | | BL2PL | XZ payload | --------------------------------------------------------------- | 2 | BL2PL | XZ payload | --------------------------------------------------------------- | 3 | BL2PL | BL2 | XZ payload | --------------------------------------------------------------- Also, add a tool named bl2plimage to generate BL2PL image header for XZ compressed BL2 payload. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for c624304 - Browse repository at this point
Copy the full SHA c624304View commit details -
make_helpers: add simple build option dependency check
This patch adds a simple build option dependency checking mechanism, which makes changes of build options to take effect immediately without a clean. Currently we have many C macros defined in gcc command line by build options passed from the make command line. However in ATF build framework, the macros defined in gcc command line will not be treated as dependency, which means changes in those macros will not take effect to C source files using those macros. This mechanism is done by adding a dependency rule explictly for a specific source file, and the dependency rule is a new header file. Everytime before building, the mechanism writes all registered build options of a file to the dependency rule file. Once the build option is changed, the content of the dependency rule file will also be changed, which will trigger a rebuild of the source file. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 4015be6 - Browse repository at this point
Copy the full SHA 4015be6View commit details -
Prepare for MediaTek Anti-Rollback mechanism
The Anti-Rollback mechanism of MediaTek uses NV-counter for the minimum allowed version, and discard the original purpose of NV-counter. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 63c7515 - Browse repository at this point
Copy the full SHA 63c7515View commit details -
Prepare for MediaTek FSEK mechanism
The FSEK is used to help decrypt rootfs data. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 5f1b572 - Browse repository at this point
Copy the full SHA 5f1b572View commit details -
mediatek: mt7622: add initial BL2/BL31 support
Add initial BL2/BL31 support for mt7622. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for af97ca5 - Browse repository at this point
Copy the full SHA af97ca5View commit details -
mediatek: mt7622: add DDR initialization support
Add DDR initialization support for mt7622 Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
1Configuration menu - View commit details
-
Copy full SHA for a1663e3 - Browse repository at this point
Copy the full SHA a1663e3View commit details -
mediatek: mt7622: add eFuse read/write support
Add eFuse prebuilt library and relative SIP services for BL31 to allow BL33 to manipulate the eFuse features (SecureBoot, Anti-Rollback, ...) Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 0a07e77 - Browse repository at this point
Copy the full SHA 0a07e77View commit details -
mediatek: mt7622: add basic anti-rollback framework
Add basic anti-rollback framework for mt7622 (PATCH-v3) - Add ar_table tool which support parsing customer's version control xml file to generate auto-config file, and embeded those information into atf code - Modify platform.mk that allow us feed customer's version control xml file and build anti-rollback atf image in one step Usage: Add following parameters to make input: ANTI_ROLLBACK=1 ANTI_ROLLBACK_CONF=./ar_table_example.xml Add following make target to make input: ar_table For example: make PLAT=mt7622 BOOT_DEVICE=snand BROM_SIGN_KEY=/path/to/key \ BL33=/path/to/u-boot-binary MBEDTLS_DIR=/path/to/mbedtls \ TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 ROT_KEY=/path/to/key \ ANTI_ROLLBACK=1 ANTI_ROLLBACK_CONF=path/to/version-xml \ ar_table all fip Change since v2: - Fix multiple cert_tool --tfw-nvctr and --ntfw-nvctr parameters exist in the CERT_ARGS variable - Remove duplicate ar_table make target in platform.mk Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 8417a93 - Browse repository at this point
Copy the full SHA 8417a93View commit details -
mediatek: mt7622: add build option dependency rules
Add build option dependency rules to make sure option changes take effect on .o files immediately to avoid cleaning current build. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 2795ecb - Browse repository at this point
Copy the full SHA 2795ecbView commit details -
mediatek: mt7629: add initial BL2/BL32 support
Add initial BL2/BL32 support for mt7629. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 882087d - Browse repository at this point
Copy the full SHA 882087dView commit details -
mediatek: mt7629: add DDR initialization support
Add DDR initialization support for mt7629 Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for bbc815f - Browse repository at this point
Copy the full SHA bbc815fView commit details -
mediatek: mt7629: add eFuse read/write support
Add eFuse prebuilt library and relative SIP services for BL32 to allow BL33 to manipulate the eFuse features (SecureBoot, Anti-Rollback, ...) Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for c4c23d1 - Browse repository at this point
Copy the full SHA c4c23d1View commit details -
mediatek: mt7629: add build option dependency rules
Add build option dependency rules to make sure option changes take effect on .o files immediately to avoid cleaning current build. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 86f174a - Browse repository at this point
Copy the full SHA 86f174aView commit details -
mediatek: mt7986: add initial BL2/BL31 support
Add initial BL2/BL31 support for mt7986. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 72a72ba - Browse repository at this point
Copy the full SHA 72a72baView commit details -
mediatek: mt7986: add DDR initialization support
Add DDR initialization support for mt7986 Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 1e04ac3 - Browse repository at this point
Copy the full SHA 1e04ac3View commit details -
mediatek: mt7986: add eFuse read/write support
Add eFuse prebuilt library and relative SIP services for BL31 to allow BL33 to manipulate the eFuse features (SecureBoot, Anti-Rollback, ...) Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 089246c - Browse repository at this point
Copy the full SHA 089246cView commit details -
mediatek: mt7986: add anti-rollback support
This patch adds anti-rollback v2 support for mt7986 Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 77d57fe - Browse repository at this point
Copy the full SHA 77d57feView commit details -
mediatek: mt7986: add FSEK support
Add FSEK (FS encryption key) helper support for FS data decryption Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for dae39e7 - Browse repository at this point
Copy the full SHA dae39e7View commit details -
mediatek: mt7986: add build option dependency rules
Add build option dependency rules to make sure option changes take effect on .o files immediately to avoid cleaning current build. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 2ede294 - Browse repository at this point
Copy the full SHA 2ede294View commit details -
mediatek: mt7981: add initial BL2/BL31 support
Add initial BL2/BL31 support for mt7981. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for dd1ce80 - Browse repository at this point
Copy the full SHA dd1ce80View commit details -
mediatek: mt7981: add DDR initialization support
Add DDR initialization support for mt7981 Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for df15747 - Browse repository at this point
Copy the full SHA df15747View commit details -
mediatek: mt7981: add eFuse read/write support
Add eFuse prebuilt library and relative SIP services for BL31 to allow BL33 to manipulate the eFuse features (SecureBoot, Anti-Rollback, ...) Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 9e86e7f - Browse repository at this point
Copy the full SHA 9e86e7fView commit details -
mediatek: mt7981: add anti-rollback support
This patch adds anti-rollback v2 support for mt7981 Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 2b37ce0 - Browse repository at this point
Copy the full SHA 2b37ce0View commit details -
mediatek: mt7981: add build option dependency rules
Add build option dependency rules to make sure option changes take effect on .o files immediately to avoid cleaning current build. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 32f65ae - Browse repository at this point
Copy the full SHA 32f65aeView commit details
Commits on Jul 19, 2023
-
mediatek: mt7988: add initial BL2/BL31 support
Add initial BL2/BL31 support for mt7988. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 2584d32 - Browse repository at this point
Copy the full SHA 2584d32View commit details -
mediatek: mt7988: add DDR initialization support
Add DDR initialization support for mt7988 Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for b9067b0 - Browse repository at this point
Copy the full SHA b9067b0View commit details -
mediatek: mt7988: add eFuse read/write support
Add eFuse prebuilt library and relative SIP services for BL31 to allow BL33 to manipulate the eFuse features (SecureBoot, Anti-Rollback, ...) Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for 8cb0bc2 - Browse repository at this point
Copy the full SHA 8cb0bc2View commit details -
mediatek: mt7988: add anti-rollback support
This patch adds anti-rollback v2 support for mt7988 Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for d97911c - Browse repository at this point
Copy the full SHA d97911cView commit details -
mediatek: mt7988: add build option dependency rules
Add build option dependency rules to make sure option changes take effect on .o files immediately to avoid cleaning current build. Signed-off-by: Weijie Gao <weijie.gao@mediatek.com>
Configuration menu - View commit details
-
Copy full SHA for abcbd12 - Browse repository at this point
Copy the full SHA abcbd12View commit details
Commits on Jul 23, 2023
-
mediatek: mt7986: only protect BL32 memory if needed
Existing non-secure images for MT7986 exepect the reserved memory to span 0x43000000~0x4303ffff. Now, however, TZRAM2_SIZE added another 0x10000 on top of that which renders existing images incompatible with the updated TF-A build. To maintain compatibility, only protect memory for BL32 if NEED_BL32 is set and hence BL32 will be used at all. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Configuration menu - View commit details
-
Copy full SHA for 0594e61 - Browse repository at this point
Copy the full SHA 0594e61View commit details