From: Andreas Dannenberg <dannenberg@ti.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v2] SPL: FIT: Enable SPL_FIT_LOAD in RAM based boot mode
Date: Thu, 19 May 2016 14:26:20 -0500 [thread overview]
Message-ID: <20160519192619.GA7236@borg.dal.design.ti.com> (raw)
In-Reply-To: <CAHTX3d+ME_phHxf9XLOaXWz-kOqp9hwiXJ-OGHumK3aEeDZptw@mail.gmail.com>
Hi Michael,
On Thu, May 19, 2016 at 08:33:28PM +0200, Michal Simek wrote:
> Hi Andreas,
>
> 2016-05-19 20:16 GMT+02:00 Andreas Dannenberg <dannenberg@ti.com>:
>
> > Hi Michal,
> >
> > On Thu, May 19, 2016 at 06:38:04PM +0200, Michal Simek wrote:
> > > On 19.5.2016 18:15, Andreas Dannenberg wrote:
> > > > On Tue, May 17, 2016 at 07:00:24PM +0200, Michal Simek wrote:
> > > >> Support loading FIT in SPL for RAM bootmode.
> > > >> CONFIG_SPL_LOAD_FIT_ADRESS points to address where FIT image is stored
> > > >> in memory.
> > > >>
> > > >> Signed-off-by: Michal Simek <michal.simek@xilinx.com>
> > > >> Reviewed-by: Simon Glass <sjg@chromium.org>
> > > >> ---
> > > >
> > > > Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
> > > >
> > > >
> > > > That's a very useful addition to the SPL FIT toolbox! I have a use case
> > > > where I may need to decrypt/authenticate an SPL FIT image in its
> > entirety
> > > > before processing it so this can be used for this as well.
> > >
> > > Do you have also use case where you need to load more files from FIT?
> > > There is loadable entry in FIT config entry.
> >
> > Not yet but I may get there. I'm experimenting with using U-Boot to load
> > and install a secure monitor mode application (specifically, OP-TEE OS),
> > so that will need to come from somewhere eventually and FIT would be a
> > natural place for that binary to reside since we can easily authenticate
> > it.
>
>
> ok what arch?
> What's the flow which you want to support?
> SPL to load OPTEE and ATF and full u-boot and jump to ATF which runs OPTEE
> and run to U-Boot?
I working with TI's current SoCs and those are ARMv7-A and there is no
ATF but instead a proprietary solution comprising ROM code and some
low-level code that gets loaded/authenticated/executed by said ROM in a
secure fashion before the regular boot flow starts (SPL, U-Boot, and so
on). There is flexibility to load/install a new secure monitor code
during SPL, U-Boot, or in fact at any other time (even after let's say
Linux is booted up) but from an overall system architecture POV we need
that new secure monitor (OP-TEE OS in this case) to be up before the
Kernel is loaded.
Anyways the goal is not only to get it working but also to have a
solution that plays nice with everything else and can be contributed
upstream.
Thanks and Regards,
Andreas
next prev parent reply other threads:[~2016-05-19 19:26 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-17 17:00 [U-Boot] [PATCH v2] SPL: FIT: Enable SPL_FIT_LOAD in RAM based boot mode Michal Simek
2016-05-18 15:12 ` Lokesh Vutla
2016-05-18 15:22 ` Michal Simek
2016-05-18 16:50 ` Lokesh Vutla
2016-05-19 16:15 ` Andreas Dannenberg
2016-05-19 16:38 ` Michal Simek
2016-05-19 18:16 ` Andreas Dannenberg
2016-05-19 18:33 ` Michal Simek
2016-05-19 19:26 ` Andreas Dannenberg [this message]
2016-05-20 6:05 ` Michal Simek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160519192619.GA7236@borg.dal.design.ti.com \
--to=dannenberg@ti.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.