From: Andreas Dannenberg <dannenberg@ti.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH v2] SPL: FIT: Enable SPL_FIT_LOAD in RAM based boot mode
Date: Thu, 19 May 2016 14:26:20 -0500 [thread overview]
Message-ID: <20160519192619.GA7236@borg.dal.design.ti.com> (raw)
In-Reply-To: <CAHTX3d+ME_phHxf9XLOaXWz-kOqp9hwiXJ-OGHumK3aEeDZptw@mail.gmail.com>
Hi Michael,
On Thu, May 19, 2016 at 08:33:28PM +0200, Michal Simek wrote:
> Hi Andreas,
>
> 2016-05-19 20:16 GMT+02:00 Andreas Dannenberg <dannenberg@ti.com>:
>
> > Hi Michal,
> >
> > On Thu, May 19, 2016 at 06:38:04PM +0200, Michal Simek wrote:
> > > On 19.5.2016 18:15, Andreas Dannenberg wrote:
> > > > On Tue, May 17, 2016 at 07:00:24PM +0200, Michal Simek wrote:
> > > >> Support loading FIT in SPL for RAM bootmode.
> > > >> CONFIG_SPL_LOAD_FIT_ADRESS points to address where FIT image is stored
> > > >> in memory.
> > > >>
> > > >> Signed-off-by: Michal Simek <michal.simek@xilinx.com>
> > > >> Reviewed-by: Simon Glass <sjg@chromium.org>
> > > >> ---
> > > >
> > > > Reviewed-by: Andreas Dannenberg <dannenberg@ti.com>
> > > >
> > > >
> > > > That's a very useful addition to the SPL FIT toolbox! I have a use case
> > > > where I may need to decrypt/authenticate an SPL FIT image in its
> > entirety
> > > > before processing it so this can be used for this as well.
> > >
> > > Do you have also use case where you need to load more files from FIT?
> > > There is loadable entry in FIT config entry.
> >
> > Not yet but I may get there. I'm experimenting with using U-Boot to load
> > and install a secure monitor mode application (specifically, OP-TEE OS),
> > so that will need to come from somewhere eventually and FIT would be a
> > natural place for that binary to reside since we can easily authenticate
> > it.
>
>
> ok what arch?
> What's the flow which you want to support?
> SPL to load OPTEE and ATF and full u-boot and jump to ATF which runs OPTEE
> and run to U-Boot?
I working with TI's current SoCs and those are ARMv7-A and there is no
ATF but instead a proprietary solution comprising ROM code and some
low-level code that gets loaded/authenticated/executed by said ROM in a
secure fashion before the regular boot flow starts (SPL, U-Boot, and so
on). There is flexibility to load/install a new secure monitor code
during SPL, U-Boot, or in fact at any other time (even after let's say
Linux is booted up) but from an overall system architecture POV we need
that new secure monitor (OP-TEE OS in this case) to be up before the
Kernel is loaded.
Anyways the goal is not only to get it working but also to have a
solution that plays nice with everything else and can be contributed
upstream.
Thanks and Regards,
Andreas
next prev parent reply other threads:[~2016-05-19 19:26 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-17 17:00 [U-Boot] [PATCH v2] SPL: FIT: Enable SPL_FIT_LOAD in RAM based boot mode Michal Simek
2016-05-18 15:12 ` Lokesh Vutla
2016-05-18 15:22 ` Michal Simek
2016-05-18 16:50 ` Lokesh Vutla
2016-05-19 16:15 ` Andreas Dannenberg
2016-05-19 16:38 ` Michal Simek
2016-05-19 18:16 ` Andreas Dannenberg
2016-05-19 18:33 ` Michal Simek
2016-05-19 19:26 ` Andreas Dannenberg [this message]
2016-05-20 6:05 ` Michal Simek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160519192619.GA7236@borg.dal.design.ti.com \
--to=dannenberg@ti.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox