blob: 5163161b94d6ffc6f7fffa071d1b7c57707b3717 [file] [log] [blame]
Neha Malcom Francis45140f02023-07-22 00:14:26 +05301// SPDX-License-Identifier: GPL-2.0
2/*
3 * Copyright (C) 2022-2023 Texas Instruments Incorporated - https://www.ti.com/
4 */
5
Manorit Chawdhry6f2fad62023-12-29 16:16:28 +05306#include "k3-security.h"
7
Neha Malcom Francis45140f02023-07-22 00:14:26 +05308/ {
9 binman: binman {
10 multiple-images;
11 };
12};
13
14&binman {
15 custMpk {
16 filename = "custMpk.pem";
Marcel Ziswiler060d30f2023-08-04 12:08:07 +020017 custmpk_pem: blob-ext {
Nishanth Menon150e41d2023-11-03 21:45:11 -050018 filename = "arch/arm/mach-k3/keys/custMpk.pem";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053019 };
20 };
21
22 ti-degenerate-key {
23 filename = "ti-degenerate-key.pem";
Marcel Ziswiler060d30f2023-08-04 12:08:07 +020024 dkey_pem: blob-ext {
Nishanth Menon6725ec72023-11-03 21:45:10 -050025 filename = "arch/arm/mach-k3/keys/ti-degenerate-key.pem";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053026 };
27 };
28};
29
30#ifndef CONFIG_ARM64
31
32&binman {
33 board-cfg {
34 filename = "board-cfg.bin";
35 bcfg_yaml: ti-board-config {
36 config = "board-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -060037 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053038 };
39 };
40 pm-cfg {
41 filename = "pm-cfg.bin";
Marcel Ziswiler060d30f2023-08-04 12:08:07 +020042 pcfg_yaml: ti-board-config {
Neha Malcom Francis45140f02023-07-22 00:14:26 +053043 config = "pm-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -060044 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053045 };
46 };
47 rm-cfg {
48 filename = "rm-cfg.bin";
Marcel Ziswiler060d30f2023-08-04 12:08:07 +020049 rcfg_yaml: ti-board-config {
Neha Malcom Francis45140f02023-07-22 00:14:26 +053050 config = "rm-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -060051 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053052 };
53 };
54 sec-cfg {
55 filename = "sec-cfg.bin";
56 scfg_yaml: ti-board-config {
57 config = "sec-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -060058 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053059 };
60 };
61 combined-tifs-cfg {
62 filename = "combined-tifs-cfg.bin";
63 ti-board-config {
64 bcfg_yaml_tifs: board-cfg {
65 config = "board-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -060066 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053067 };
68 scfg_yaml_tifs: sec-cfg {
69 config = "sec-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -060070 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053071 };
72 pcfg_yaml_tifs: pm-cfg {
73 config = "pm-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -060074 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053075 };
76 rcfg_yaml_tifs: rm-cfg {
77 config = "rm-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -060078 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053079 };
80 };
81 };
82 combined-dm-cfg {
83 filename = "combined-dm-cfg.bin";
84 ti-board-config {
85 pcfg_yaml_dm: pm-cfg {
86 config = "pm-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -060087 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053088 };
89 rcfg_yaml_dm: rm-cfg {
90 config = "rm-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -060091 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +053092 };
93 };
94 };
95 combined-sysfw-cfg {
96 filename = "combined-sysfw-cfg.bin";
97 ti-board-config {
Marcel Ziswiler060d30f2023-08-04 12:08:07 +020098 bcfg_yaml_sysfw: board-cfg {
Neha Malcom Francis45140f02023-07-22 00:14:26 +053099 config = "board-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -0600100 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +0530101 };
Marcel Ziswiler060d30f2023-08-04 12:08:07 +0200102 scfg_yaml_sysfw: sec-cfg {
Neha Malcom Francis45140f02023-07-22 00:14:26 +0530103 config = "sec-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -0600104 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +0530105 };
Marcel Ziswiler060d30f2023-08-04 12:08:07 +0200106 pcfg_yaml_sysfw: pm-cfg {
Neha Malcom Francis45140f02023-07-22 00:14:26 +0530107 config = "pm-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -0600108 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +0530109 };
Marcel Ziswiler060d30f2023-08-04 12:08:07 +0200110 rcfg_yaml_sysfw: rm-cfg {
Neha Malcom Francis45140f02023-07-22 00:14:26 +0530111 config = "rm-cfg.yaml";
Andrew Davis430281d2023-11-22 15:30:05 -0600112 schema = "arch/arm/mach-k3/schema.yaml";
Neha Malcom Francis45140f02023-07-22 00:14:26 +0530113 };
114 };
115 };
116};
117
Neha Malcom Francis86b363d2023-11-15 15:40:23 +0530118&binman {
119 itb_template: template-5 {
120 fit {
121 description = "SYSFW and Config fragments";
122 #address-cells = <1>;
123 images {
124 sysfw.bin {
125 description = "sysfw";
126 type = "firmware";
127 arch = "arm";
128 compression = "none";
129 blob-ext {
130 filename = "sysfw.bin";
131 };
132 };
133 board-cfg.bin {
134 description = "board-cfg";
135 type = "firmware";
136 arch = "arm";
137 compression = "none";
138 ti-secure {
139 content = <&board_cfg>;
140 keyfile = "custMpk.pem";
141 };
142 board_cfg: board-cfg {
143 filename = "board-cfg.bin";
144 type = "blob-ext";
145 };
146
147 };
148 pm-cfg.bin {
149 description = "pm-cfg";
150 type = "firmware";
151 arch = "arm";
152 compression = "none";
153 ti-secure {
154 content = <&pm_cfg>;
155 keyfile = "custMpk.pem";
156 };
157 pm_cfg: pm-cfg {
158 filename = "pm-cfg.bin";
159 type = "blob-ext";
160 };
161 };
162 rm-cfg.bin {
163 description = "rm-cfg";
164 type = "firmware";
165 arch = "arm";
166 compression = "none";
167 ti-secure {
168 content = <&rm_cfg>;
169 keyfile = "custMpk.pem";
170 };
171 rm_cfg: rm-cfg {
172 filename = "rm-cfg.bin";
173 type = "blob-ext";
174 };
175 };
176 sec-cfg.bin {
177 description = "sec-cfg";
178 type = "firmware";
179 arch = "arm";
180 compression = "none";
181 ti-secure {
182 content = <&sec_cfg>;
183 keyfile = "custMpk.pem";
184 };
185 sec_cfg: sec-cfg {
186 filename = "sec-cfg.bin";
187 type = "blob-ext";
188 };
189 };
190 };
191 };
192 };
193
194 itb_unsigned_template: template-6 {
195 fit {
196 description = "SYSFW and Config fragments";
197 #address-cells = <1>;
198 images {
199 sysfw.bin {
200 description = "sysfw";
201 type = "firmware";
202 arch = "arm";
203 compression = "none";
204 blob-ext {
205 filename = "sysfw.bin_fs";
206 };
207 };
208 board-cfg.bin {
209 description = "board-cfg";
210 type = "firmware";
211 arch = "arm";
212 compression = "none";
213 board-cfg {
214 filename = "board-cfg.bin";
215 type = "blob-ext";
216 };
217
218 };
219 pm-cfg.bin {
220 description = "pm-cfg";
221 type = "firmware";
222 arch = "arm";
223 compression = "none";
224 pm-cfg {
225 filename = "pm-cfg.bin";
226 type = "blob-ext";
227 };
228 };
229 rm-cfg.bin {
230 description = "rm-cfg";
231 type = "firmware";
232 arch = "arm";
233 compression = "none";
234 rm-cfg {
235 filename = "rm-cfg.bin";
236 type = "blob-ext";
237 };
238 };
239 sec-cfg.bin {
240 description = "sec-cfg";
241 type = "firmware";
242 arch = "arm";
243 compression = "none";
244 sec-cfg {
245 filename = "sec-cfg.bin";
246 type = "blob-ext";
247 };
248 };
249 };
250 };
251 };
252};
253
254#else
255
256&binman {
257 ti_spl_template: template-1 {
258 filename = "tispl.bin";
259 pad-byte = <0xff>;
260
261 fit {
262 description = "Configuration to load ATF and SPL";
263 #address-cells = <1>;
264
265 images {
266
267 atf {
268 description = "ARM Trusted Firmware";
269 type = "firmware";
270 arch = "arm64";
271 compression = "none";
272 os = "arm-trusted-firmware";
273 load = <CONFIG_K3_ATF_LOAD_ADDR>;
274 entry = <CONFIG_K3_ATF_LOAD_ADDR>;
275 ti-secure {
276 content = <&atf>;
277 keyfile = "custMpk.pem";
278 };
279 atf: atf-bl31 {
280 };
281 };
282
283 tee {
284 description = "OP-TEE";
285 type = "tee";
286 arch = "arm64";
287 compression = "none";
288 os = "tee";
Andrew Davis27df8602024-02-14 10:30:05 -0600289 load = <CONFIG_K3_OPTEE_LOAD_ADDR>;
290 entry = <CONFIG_K3_OPTEE_LOAD_ADDR>;
Neha Malcom Francis86b363d2023-11-15 15:40:23 +0530291 ti-secure {
292 content = <&tee>;
293 keyfile = "custMpk.pem";
294 };
295 tee: tee-os {
Michael Trimarchib9d62242024-02-26 08:14:15 +0100296 optional;
Neha Malcom Francis86b363d2023-11-15 15:40:23 +0530297 };
298 };
299
300 dm {
301 description = "DM binary";
302 type = "firmware";
303 arch = "arm32";
304 compression = "none";
305 os = "DM";
306 load = <0x89000000>;
307 entry = <0x89000000>;
308 };
309
310 spl {
311 description = "SPL (64-bit)";
312 type = "standalone";
313 os = "U-Boot";
314 arch = "arm64";
315 compression = "none";
316 load = <CONFIG_SPL_TEXT_BASE>;
317 entry = <CONFIG_SPL_TEXT_BASE>;
318 ti-secure {
319 content = <&u_boot_spl_nodtb>;
320 keyfile = "custMpk.pem";
321
322 };
323 u_boot_spl_nodtb: blob-ext {
324 filename = "spl/u-boot-spl-nodtb.bin";
325 };
326 };
327
328 };
329 };
330 };
331 ti_spl_unsigned_template: template-2 {
332 filename = "tispl.bin_unsigned";
333 pad-byte = <0xff>;
334
335 fit {
336 description = "Configuration to load ATF and SPL";
337 #address-cells = <1>;
338
339 images {
340
341 atf {
342 description = "ARM Trusted Firmware";
343 type = "firmware";
344 arch = "arm64";
345 compression = "none";
346 os = "arm-trusted-firmware";
347 load = <CONFIG_K3_ATF_LOAD_ADDR>;
348 entry = <CONFIG_K3_ATF_LOAD_ADDR>;
349 atf-bl31 {
350 filename = "bl31.bin";
351 };
352 };
353
354 tee {
355 description = "OP-TEE";
356 type = "tee";
357 arch = "arm64";
358 compression = "none";
359 os = "tee";
Andrew Davis27df8602024-02-14 10:30:05 -0600360 load = <CONFIG_K3_OPTEE_LOAD_ADDR>;
361 entry = <CONFIG_K3_OPTEE_LOAD_ADDR>;
Neha Malcom Francis86b363d2023-11-15 15:40:23 +0530362 tee-os {
363 filename = "tee-raw.bin";
Michael Trimarchib9d62242024-02-26 08:14:15 +0100364 optional;
Neha Malcom Francis86b363d2023-11-15 15:40:23 +0530365 };
366 };
367
368 dm {
369 description = "DM binary";
370 type = "firmware";
371 arch = "arm32";
372 compression = "none";
373 os = "DM";
374 load = <0x89000000>;
375 entry = <0x89000000>;
376 };
377
378 spl {
379 description = "SPL (64-bit)";
380 type = "standalone";
381 os = "U-Boot";
382 arch = "arm64";
383 compression = "none";
384 load = <CONFIG_SPL_TEXT_BASE>;
385 entry = <CONFIG_SPL_TEXT_BASE>;
386 blob-ext {
387 filename = "spl/u-boot-spl-nodtb.bin";
388 };
389 };
390 };
391 };
392 };
393 u_boot_template: template-3 {
394 filename = "u-boot.img";
395 pad-byte = <0xff>;
396
397 fit {
398 description = "FIT image with multiple configurations";
399
400 images {
401 uboot {
402 type = "firmware";
403 os = "u-boot";
404 arch = "arm";
405 compression = "none";
406 load = <CONFIG_TEXT_BASE>;
407 ti-secure {
408 content = <&u_boot_nodtb>;
409 keyfile = "custMpk.pem";
410 };
411 u_boot_nodtb: u-boot-nodtb {
412 };
413 hash {
414 algo = "crc32";
415 };
416 };
417 };
418 };
419 };
420 u_boot_unsigned_template: template-4 {
421 filename = "u-boot.img_unsigned";
422 pad-byte = <0xff>;
423
424 fit {
425 description = "FIT image with multiple configurations";
426
427 images {
428 uboot {
429 type = "firmware";
430 os = "u-boot";
431 arch = "arm";
432 compression = "none";
433 load = <CONFIG_TEXT_BASE>;
434 blob {
435 filename = "u-boot-nodtb.bin";
436 };
437 hash {
438 algo = "crc32";
439 };
440 };
441 };
442 };
443 };
Manorit Chawdhry6f2fad62023-12-29 16:16:28 +0530444 firewall_bg_1: template-5 {
445 control = <(FWCTRL_EN | FWCTRL_LOCK |
446 FWCTRL_BG | FWCTRL_CACHE)>;
447 permissions = <((FWPRIVID_ALL << FWPRIVID_SHIFT) |
448 FWPERM_SECURE_PRIV_RWCD |
449 FWPERM_SECURE_USER_RWCD |
450 FWPERM_NON_SECURE_PRIV_RWCD |
451 FWPERM_NON_SECURE_USER_RWCD)>;
452 start_address = <0x0 0x0>;
453 end_address = <0xff 0xffffffff>;
454 };
455 firewall_bg_3: template-6 {
456 insert-template = <&firewall_bg_1>;
457 permissions = <((FWPRIVID_ALL << FWPRIVID_SHIFT) |
458 FWPERM_SECURE_PRIV_RWCD |
459 FWPERM_SECURE_USER_RWCD |
460 FWPERM_NON_SECURE_PRIV_RWCD |
461 FWPERM_NON_SECURE_USER_RWCD)>,
462 <((FWPRIVID_ALL << FWPRIVID_SHIFT) |
463 FWPERM_SECURE_PRIV_RWCD |
464 FWPERM_SECURE_USER_RWCD |
465 FWPERM_NON_SECURE_PRIV_RWCD |
466 FWPERM_NON_SECURE_USER_RWCD)>,
467 <((FWPRIVID_ALL << FWPRIVID_SHIFT) |
468 FWPERM_SECURE_PRIV_RWCD |
469 FWPERM_SECURE_USER_RWCD |
470 FWPERM_NON_SECURE_PRIV_RWCD |
471 FWPERM_NON_SECURE_USER_RWCD)>;
472 };
473 firewall_armv8_atf_fg: template-7 {
474 control = <(FWCTRL_EN | FWCTRL_LOCK |
475 FWCTRL_CACHE)>;
476 permissions = <((FWPRIVID_ARMV8 << FWPRIVID_SHIFT) |
477 FWPERM_SECURE_PRIV_RWCD |
478 FWPERM_SECURE_USER_RWCD)>;
479 start_address = <0x0 0x70000000>;
480 end_address = <0x0 0x7001ffff>;
481 };
482 firewall_armv8_optee_fg: template-8 {
483 control = <(FWCTRL_EN | FWCTRL_LOCK |
484 FWCTRL_CACHE)>;
485 permissions = <((FWPRIVID_ARMV8 << FWPRIVID_SHIFT) |
486 FWPERM_SECURE_PRIV_RWCD |
487 FWPERM_SECURE_USER_RWCD)>;
488 start_address = <0x0 0x9e800000>;
489 end_address = <0x0 0x9fffffff>;
490 };
Neha Malcom Francis86b363d2023-11-15 15:40:23 +0530491
492};
493
Neha Malcom Francis45140f02023-07-22 00:14:26 +0530494#endif