commit ad0943e22a1be520cbf8d9782adfe4ea90296244
author Sheetal Tigadoli <sheetal.tigadoli@broadcom.com> Wed Dec 18 19:44:43 2019 +0530
committer Sheetal Tigadoli <sheetal.tigadoli@broadcom.com> Fri Apr 03 17:12:42 2020 +0530
tree 1666048f65b87a7e25b3da9b22607484a3b96e01
parent 2a96dc2c6d2a798abc46de7ea2aaaad4d5297724

Add BL2 support for Broadcom stingray platform

Change-Id: I5daa3f2b4b9d85cb857547a588571a9aa8ad05c2
Signed-off-by: Sheetal Tigadoli <sheetal.tigadoli@broadcom.com>

plat/brcm/board/common/board_common.mk

diff --git a/plat/brcm/board/common/board_common.mk b/plat/brcm/board/common/board_common.mk
index 7c9cf77..3a879de 100644
--- a/plat/brcm/board/common/board_common.mk
+++ b/plat/brcm/board/common/board_common.mk
@@ -28,6 +28,17 @@
 $(eval $(call add_define,SYSCNT_FREQ))
 endif
 
+# By default, Trusted Watchdog is always enabled unless SPIN_ON_BL1_EXIT is set
+ifeq (${BRCM_DISABLE_TRUSTED_WDOG},)
+BRCM_DISABLE_TRUSTED_WDOG	:=	0
+endif
+ifeq (${SPIN_ON_BL1_EXIT}, 1)
+BRCM_DISABLE_TRUSTED_WDOG	:=	1
+endif
+
+$(eval $(call assert_boolean,BRCM_DISABLE_TRUSTED_WDOG))
+$(eval $(call add_define,BRCM_DISABLE_TRUSTED_WDOG))
+
 # Process ARM_BL31_IN_DRAM flag
 ifeq (${ARM_BL31_IN_DRAM},)
 ARM_BL31_IN_DRAM		:=	0
@@ -36,6 +47,7 @@
 $(eval $(call add_define,ARM_BL31_IN_DRAM))
 
 ifeq (${STANDALONE_BL2},yes)
+BL2_LOG_LEVEL := 40
 $(eval $(call add_define,MMU_DISABLED))
 endif
 
@@ -45,6 +57,29 @@
 $(eval $(call add_define,RUN_BL2_FROM_QSPI))
 endif
 
+# BL2 XIP from NAND
+RUN_BL2_FROM_NAND := 0
+ifeq (${RUN_BL2_FROM_NAND},1)
+$(eval $(call add_define,RUN_BL2_FROM_NAND))
+endif
+
+ifneq (${ELOG_AP_UART_LOG_BASE},)
+$(eval $(call add_define,ELOG_AP_UART_LOG_BASE))
+endif
+
+ifeq (${ELOG_SUPPORT},1)
+ifeq (${ELOG_STORE_MEDIA},DDR)
+$(eval $(call add_define,ELOG_STORE_MEDIA_DDR))
+ifneq (${ELOG_STORE_OFFSET},)
+$(eval $(call add_define,ELOG_STORE_OFFSET))
+endif
+endif
+endif
+
+ifneq (${BL2_LOG_LEVEL},)
+$(eval $(call add_define,BL2_LOG_LEVEL))
+endif
+
 # Use CRMU SRAM from iHOST
 ifneq (${USE_CRMU_SRAM},)
 $(eval $(call add_define,USE_CRMU_SRAM))
@@ -63,15 +98,18 @@
 PLAT_BL_COMMON_SOURCES	+=	plat/brcm/common/brcm_common.c \
 				plat/brcm/board/common/cmn_sec.c \
 				plat/brcm/board/common/bcm_console.c \
+				plat/brcm/board/common/brcm_mbedtls.c \
 				plat/brcm/board/common/plat_setup.c \
 				plat/brcm/board/common/platform_common.c \
 				drivers/arm/sp804/sp804_delay_timer.c \
+				drivers/brcm/sotp.c \
 				drivers/delay_timer/delay_timer.c \
 				drivers/io/io_fip.c \
 				drivers/io/io_memmap.c \
 				drivers/io/io_storage.c \
 				plat/brcm/common/brcm_io_storage.c \
 				plat/brcm/board/common/err.c \
+				plat/brcm/board/common/sbl_util.c \
 				drivers/arm/sp805/sp805.c
 
 BL2_SOURCES		+=	plat/brcm/common/brcm_bl2_mem_params_desc.c \
@@ -82,6 +120,88 @@
 
 BL31_SOURCES		+=	plat/brcm/common/brcm_bl31_setup.c
 
+ifeq (${BCM_ELOG},yes)
+ELOG_SOURCES		+= 	plat/brcm/board/common/bcm_elog.c
+BL2_SOURCES		+= 	${ELOG_SOURCES}
+endif
+
+ifeq (${DRIVER_OCOTP_ENABLE},1)
+$(eval $(call add_define,DRIVER_OCOTP_ENABLE))
+BL2_SOURCES		+= drivers/brcm/ocotp.c
+endif
+
+# Enable FRU table support
+ifeq (${USE_FRU},yes)
+$(eval $(call add_define,USE_FRU))
+BL2_SOURCES		+= drivers/brcm/fru.c
+endif
+
+# Enable GPIO support
+ifeq (${USE_GPIO},yes)
+$(eval $(call add_define,USE_GPIO))
+BL2_SOURCES             += drivers/gpio/gpio.c
+BL2_SOURCES             += drivers/brcm/iproc_gpio.c
+ifeq (${GPIO_SUPPORT_FLOAT_DETECTION},yes)
+$(eval $(call add_define,GPIO_SUPPORT_FLOAT_DETECTION))
+endif
+endif
+
+# Include mbedtls if it can be located
+MBEDTLS_DIR := mbedtls
+MBEDTLS_CHECK := $(shell find ${MBEDTLS_DIR}/include -name '${MBEDTLS_DIR}')
+
+ifneq (${MBEDTLS_CHECK},)
+$(info Found mbedTLS at ${MBEDTLS_DIR})
+PLAT_INCLUDES += -I${MBEDTLS_DIR}/include/mbedtls
+# Specify mbedTLS configuration file
+MBEDTLS_CONFIG_FILE	:=	"<brcm_mbedtls_config.h>"
+
+# By default, use RSA keys
+KEY_ALG := rsa_1_5
+
+# Include common TBB sources
+AUTH_SOURCES	+= 	drivers/auth/auth_mod.c \
+			drivers/auth/crypto_mod.c \
+			drivers/auth/img_parser_mod.c \
+			drivers/auth/tbbr/tbbr_cot.c
+
+BL2_SOURCES	+=	${AUTH_SOURCES}
+
+# Use ATF framework for MBEDTLS
+TRUSTED_BOARD_BOOT := 1
+CRYPTO_LIB_MK := drivers/auth/mbedtls/mbedtls_crypto.mk
+IMG_PARSER_LIB_MK := drivers/auth/mbedtls/mbedtls_x509.mk
+$(info Including ${CRYPTO_LIB_MK})
+include ${CRYPTO_LIB_MK}
+$(info Including ${IMG_PARSER_LIB_MK})
+include ${IMG_PARSER_LIB_MK}
+
+# Use ATF secure boot functions
+# Use Hardcoded hash for devel
+
+ARM_ROTPK_LOCATION=arm_rsa
+ifeq (${ARM_ROTPK_LOCATION}, arm_rsa)
+ARM_ROTPK_LOCATION_ID=ARM_ROTPK_DEVEL_RSA_ID
+ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem
+else ifeq (${ARM_ROTPK_LOCATION}, brcm_rsa)
+ARM_ROTPK_LOCATION_ID=BRCM_ROTPK_SOTP_RSA_ID
+ifeq (${ROT_KEY},)
+ROT_KEY=plat/brcm/board/common/rotpk/rsa_dauth2048_key.pem
+endif
+KEY_FIND := $(shell m="${ROT_KEY}"; [ -f "$$m" ] && echo "$$m")
+ifeq (${KEY_FIND},)
+$(error Error: No ${ROT_KEY} located)
+else
+$(info Using ROT_KEY: ${ROT_KEY})
+endif
+else
+$(error "Unsupported ARM_ROTPK_LOCATION value")
+endif
+
+$(eval $(call add_define,ARM_ROTPK_LOCATION_ID))
+PLAT_BL_COMMON_SOURCES+=plat/brcm/board/common/board_arm_trusted_boot.c
+endif
+
 #M0 runtime firmware
 ifdef SCP_BL2
 $(eval $(call add_define,NEED_SCP_BL2))